How to integrate Entitle withe Sentinel

Ali Salem Panah 0

Hi Team,

I wanted to integrate Entitle with Sentinel, but I noticed that there is no built-in connector for Entitle in Sentinel by default. After speaking with the Entitle support team, they informed me that Entitle uses webhooks for integration.

Could you please guide me on how I can integrate Entitle with Sentinel using either a Function App or Logic App?

1 answer

Clive Watson 6,351 Reputation points MVP

2024-09-03T09:33:20.6966667+00:00

Hello, the list of available connector options are discussed here; https://video2.skills-academy.com/en-us/azure/sentinel/create-custom-connector

There is a webhook example you might be able to adapt / learn from: https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks/Ingest-Prisma
Please sign in to rate this answer.
Ali Salem Panah 0 Reputation points

2024-09-05T10:19:40.6166667+00:00

Hi again

I decided to integrate of our Entitle tool with sentinel via webhook after creating the app and run test i got this error { "Error": "InvalidDataFormat", "Message": null } how can i fix it this is my code

{

"definition": { "$schema": "https://schema.management.azure.com/providers/Microsoft.Logic/schemas/2016-06-01/workflowdefinition.json#", "actions": { "Send_Data": { "inputs": { "body": "@triggerBody()", "headers": { "Content-Type": "application/json", "Log-Type": "cocko_logs" }, "host": { "connection": { "referenceName": "azureloganalyticsdatacollector" } }, "method": "post", "path": "/api/logs" }, "runAfter": {}, "type": "ApiConnection" } }, "contentVersion": "1.0.0.0", "outputs": {}, "triggers": { "When_a_HTTP_request_is_received": { "inputs": { "method": "POST" }, "kind": "Http", "type": "Request" } } }, "kind": "Stateful"

}

Givary-MSFT 32,311 Reputation points Microsoft Employee

2024-09-10T05:28:58.3233333+00:00

@Ali Salem Panah Thank you for reaching out to us, the above issue described may require in-depth troubleshooting by our team. Would recommend if you could open a support ticket for further investigation.
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

How to integrate Entitle withe Sentinel

1 answer

Your answer