ThreatQ Connector for Microsoft Azure Sentinel
The web format of this guide reflects the most current release. Guides for older iterations are available in PDF format.
Integration Details
ThreatQuotient provides the following details for this integration:
Current Integration Version | 1.5.1 |
Compatible with ThreatQ Versions | >= 4.56.0 |
Python Version | 3.6 |
Support Tier | Not Actively Supported |
Introduction
ThreatQ v6 Users – While the connector’s overall operation remains the same, the installation and usage commands for ThreatQ v6 users differ from those listed in this guide. See the Installing Custom Connectors in ThreatQ v6 and Installing Custom Connectors on Another Instance topics for additional information.
This connector has been deprecated and replaced by the ThreatQ CDF for Microsoft Azure Sentinel Incidents and ThreatQ Action Bundle for Microsoft Azure Sentinel.
The ThreatQ Connector for Microsoft Azure Sentinel integration allows a user to export indicators directly to Microsoft Sentinel.
You must configure a new application in Microsoft Azure before you can install the connector. See the Prerequisites chapter before attempting to install the connector.
PDF Guides
Document | ThreatQ Version |
---|---|
ThreatQ Connector for Microsoft Azure Sentinel Guide v1.5.1 | 4.56 or Greater |