stoQ plugin that sends results to Azure Sentinel.
- Obtain Azure Log Analytics Workspace ID and Key. Directions for obtaining the keys can be found here
All options below may be set by:
-
workspaceid[str]: ClientID/ID for the Log Analytics Workspace string -
workspacekey[str]: Key/Secret for the Log Analytics Workspace string. The primary or secondary shared key may be used. -
logtype[str]: This field denote the Log Analytics table that the log will send to. Log analytics will automatically append_CLto this value.
Defaults to
stoQ.