Purpose of the integration
This integration automatically sends application Audit Logs from an internal database to Microsoft Sentinel, a cloud-native Security Information and Event Management (SIEM) solution. By centralizing log data, it enhances security and compliance, enabling efficient threat detection, investigation, and response.
How to set it up?
To enable the integration for a customer, we require the following details:
- Microsoft Sentinel Workspace ID - The unique identifier for the customer's Sentinel workspace.
- Primary Key (Shared Key) - Used to authenticate requests sent to Sentinel's ingestion API.
Once the customers provides these details, we handle the internal setup, ensuring that Audit Logs from Nexetic Backup for Microsoft 365 and/or Entra ID are automatically sent to the Sentinel API on a daily basis.