Azure Sentinel Integration
You can send your Flare alerts directly to your Azure Sentinel instance. Here's how to configure Flare and receive data in your Sentinel Workspace. For detailed instructions, follow the demo link provided.
You can click on the provided link to see a step-by-step guide on Azure Sentinel integration: https://app.storylane.io/share/37v9qcjcfuho
You will need a Workspace with read/write permissions as well as Keys (created in Azure Key Vault)
Go to Team
Click on Edit
Click on Create a new Alert Channel
Click on See details
Add Details
Workspace ID and Shared Key: Go to Sentinel -> Settings -> Workspace Setting -> Agents Management. From there open the dropdown Log Analytics agent instructions.
You will see your workspace ID and Primary key there. Confirm the values are correct by using the Test button. You should receive a test log inside your Workspace Log analytics within a minute.
When you are satisfied with the results, click Save.
You should by then receive all the data Flare sends directly in your Workspace's Log Analytics. Note that we will write in a table called Firework_CL.
We also have Workbooks that aggregate the data you received in various Dashboards and Playbooks that automate opening of incidents and sending of emails when leaked credentials (email/password) are found.
You can create the Solution on Azure by Clicking Here.