A new integration of WithSecure Elements to Microsoft Sentinel has been published in the Azure marketplace.
The new integration is more secure, serverless and requires no maintenance from the customer. It brings all security events supported by the Elements API to MS Sentinel.
Alternatively, the connector can be installed from the command line by following the instructions in github.
How it works
The integration allows ingesting WithSecure Security Events into Microsoft Sentinel Logs Workspace. It periodically polls Security Events from Elements backends and forwards it to Azure cloud. A Sentinel administrator can then use the ingested events to create Workbooks, Playbooks and use other useful Sentinel features.