Sentinel Data Lake
Connect Sola and Sentinel Data Lake to get security insights
Overview
The Sentinel Data Lake integration allows you to connect Microsoft Sentinel, Defender, and Entra as a real-time security data stream and get continuous, context-aware insights for detection, investigation, and response.
With the Sentinel Data Lake integration, you can:
Connect Microsoft Sentinel security events as a real-time data stream for continuous analysis and correlation.
Correlate Sentinel security events with data across your cloud, identity, and SaaS environment.
Investigate security events in real time with Sola's AI-powered reasoning.
Support detection, investigation, and response with live security data from your Microsoft environment.
Your data can only be retrieved, never modified.
Once connected, your data is securely stored, and access is restricted to retrieving configurations and metadata only. Authentication methods ensure secure delegation of permissions while maintaining data integrity.
Set up Sentinel Data Lake data source integration with Sola
Go to Integrations > Data Sources > click New data source > select Sentinel Data Lake.
The Sola wizard will take you through the steps.
To connect Sentinel Data Lake, you'll need an Azure user with:
Owner or User Access Administrator role on the subscription, and
Application Administrator or Global Administrator role in Azure AD.
You'll also need Azure Cloud Shell configured on your account.
This method uses Azure Cloud Shell to create an Azure Service Principal with read-only roles on your Sentinel workspace and output the credentials needed to complete the connection.
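To confirm that the Service Principal holds only read-only roles on the workspace, export its assignments with `az role assignment list --assignee <appId> --all --output json` and audit the JSON. The script below is an added example, not Sola's own code; the role allowlist, the function name, and the sample data are assumptions to adjust to your environment.

```python
import json

# Assumption: roles treated as read-only. The page does not name the roles the
# Sola wizard assigns, so adjust this set to what your setup actually shows.
READ_ONLY_ROLES = {"Reader", "Microsoft Sentinel Reader", "Log Analytics Reader"}

# Constructed sample shaped like `az role assignment list` JSON output.
WORKSPACE = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-sec"
             "/providers/Microsoft.OperationalInsights/workspaces/ws-sentinel")
SUBSCRIPTION = "/subscriptions/00000000-0000-0000-0000-000000000000"
SAMPLE = json.dumps([
    {"roleDefinitionName": "Microsoft Sentinel Reader", "scope": WORKSPACE},
    {"roleDefinitionName": "Reader", "scope": SUBSCRIPTION},
    {"roleDefinitionName": "Contributor", "scope": WORKSPACE},
])


def audit_assignments(assignments_json, workspace_scope):
    """Return findings; an empty list means read-only roles scoped to the workspace."""
    ws = workspace_scope.rstrip("/").lower()  # Azure resource IDs are case-insensitive
    findings = []
    for a in json.loads(assignments_json):
        role = a.get("roleDefinitionName") or "<unnamed role>"
        scope = (a.get("scope") or "").rstrip("/")
        if role not in READ_ONLY_ROLES:
            findings.append(f"not on read-only allowlist: {role} at {scope}")
        if not (scope.lower() == ws or scope.lower().startswith(ws + "/")):
            findings.append(f"scope wider than workspace: {role} at {scope}")
    return findings


if __name__ == "__main__":
    # Replace SAMPLE with the saved az output and WORKSPACE with your workspace ID.
    for finding in audit_assignments(SAMPLE, WORKSPACE):
        print("FINDING:", finding)
```

An empty result means every assignment is on the allowlist and scoped at or below the workspace; any finding is worth reviewing before completing the connection.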