Add file transfer activity to Sentinel investigations
Couchdrop integrates with Microsoft Sentinel to deliver logs, metrics, and audit events into your security operations center.
Category: SIEM
Type: Platform
Integrate Microsoft Sentinel with Couchdrop
How it works
Couchdrop sends selected platform events to Azure Monitor so they can be used inside Microsoft Sentinel for security monitoring, investigation, and alerting.
After the Microsoft Sentinel logging provider is configured, Couchdrop forwards the event types you choose through Azure Monitor’s log ingestion pipeline. Those events can then become part of your Sentinel workspace. This allows you to review all Couchdrop file activity and administrative events in your existing log pipeline without having to check Couchdrop separately.
Capabilities
- Send selected Couchdrop events to Azure Monitor for use in Microsoft Sentinel
- Centralize managed file transfer activity with Microsoft security telemetry
Getting started
- In Couchdrop, go to logging in the Admin panel and select Microsoft Sentinel.
- Choose the Couchdrop events you want to send to Azure Monitor and add the required configuration details.
- Confirm the selected Couchdrop events are available in Microsoft Sentinel for search, investigation, and alerting.