Carbon Black and Sentinel

Soumya Banerjee 126 Reputation points
2022-01-27T09:23:09.107+00:00

How do I receive Carbon Black logs into Sentinel without an AWS S3 bucket? Is it possible?

I want to send data from Carbon Black to ADX for longer retention. We will separately send alerts from Carbon Black to another SOAR platform. But just for long-term log retention, especially events, I need to send the data through to ADX. Is there a way to achieve it?

1 answer

  1. JamesTran-MSFT 36,541 Reputation points Microsoft Employee
    2022-01-28T00:06:08.74+00:00

    @Soumya Banerjee
    Thank you for your post!

    When it comes to integrating Carbon Black logs into Azure Sentinel, we only have the VMware Carbon Black Endpoint Standard (Preview) connector, which will allow you to ingest data using Azure Functions and the REST API. However, an AWS Access Key Id, AWS Secret Access Key, AWS S3 Bucket Name, and Folder Name in AWS S3 Bucket are required for using the Amazon S3 REST API.

    Additional Links:
    Connect Microsoft Sentinel to Amazon Web Services to ingest AWS service log data
    Find your Microsoft Sentinel data connector

    As of right now, using the Carbon Black Endpoint Standard (Preview) connector without an AWS S3 bucket isn't possible. However, if you'd like to be able to use it without an AWS S3 bucket, I'd recommend leveraging our User Voice forum and creating a feature request, so our engineering team can look into implementing this. I've also created an internal feature request, so our engineering team is aware of this as well.

    If you have any other questions, please let me know.
    Thank you for your time and patience throughout this issue.

    ----------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.