Merge pull request #249567 from cwatson-cat/sentinel-dc-refresh-8-28-23

Sentinel auto gen data connector refresh (August 2023)

Author: JamesJBarnett

.openpublishing.redirection.sentinel.json

@@ -179,6 +179,36 @@
             "source_path": "articles/sentinel/store-logs-in-azure-data-explorer.md",
             "redirect_url": "/azure/azure-monitor/logs/data-retention-archive",
             "redirect_document_id": true
+          },
+          {
+            "source_path": "articles/sentinel/data-connectors/box-using-azure-function.md",
+            "redirect_url": "/azure/sentinel/data-connectors/box-using-azure-functions",
+            "redirect_document_id": true
+          },
+          {
+            "source_path": "articles/sentinel/data-connectors/office-365.md",
+            "redirect_url": "/azure/sentinel/data-connectors/microsoft-365",
+            "redirect_document_id": true
+          },
+          {
+            "source_path": "articles/sentinel/data-connectors/sophos-endpoint-protection-using-azure-function.md",
+            "redirect_url": "/azure/sentinel/data-connectors/sophos-endpoint-protection-using-azure-functions",
+            "redirect_document_id": true
+          },
+          {
+            "source_path": "articles/sentinel/data-connectors/palo-alto-prisma-cloud-cspm-using-azure-function.md",
+            "redirect_url": "/azure/sentinel/data-connectors/palo-alto-prisma-cloud-cspm-using-azure-functions",
+            "redirect_document_id": true
+          },
+          {
+            "source_path": "articles/sentinel/data-connectors/proofpoint-tap-using-azure-function.md",
+            "redirect_url": "/azure/sentinel/data-connectors/proofpoint-tap-using-azure-functions",
+            "redirect_document_id": true
+          },
+          {
+            "source_path": "articles/sentinel/data-connectors/rubrik-security-cloud-data-connector-using-azure-function.md",
+            "redirect_url": "/azure/sentinel/data-connectors/rubrik-security-cloud-data-connector-using-azure-functions",
+            "redirect_document_id": true
           }
     ]
 }

articles/sentinel/TOC.yml

@@ -301,7 +301,7 @@
         href: data-connectors/alicloud-using-azure-functions.md
       - name: Amazon Web Services
         href: data-connectors/amazon-web-services.md
-      - name: Amazon Web Services S3
+      - name: Amazon Web Services S3 (preview)
         href: data-connectors/amazon-web-services-s3.md
       - name: Apache HTTP Server
         href: data-connectors/apache-http-server.md
@@ -339,7 +339,7 @@
         href: data-connectors/azure-data-lake-storage-gen1.md
       - name: Azure DDoS Protection
         href: data-connectors/azure-ddos-protection.md
-      - name: Azure Event Hubs
+      - name: Azure Event Hub
         href: data-connectors/azure-event-hub.md
       - name: Azure Firewall
         href: data-connectors/azure-firewall.md
@@ -364,7 +364,7 @@
       - name: Blackberry CylancePROTECT
         href: data-connectors/blackberry-cylanceprotect.md
       - name: Box (using Azure Functions)
-        href: data-connectors/box-using-azure-function.md
+        href: data-connectors/box-using-azure-functions.md
       - name: Broadcom Symantec DLP
         href: data-connectors/braodcom-symantec-dlp.md
       - name: Cisco Application Centric Infrastructure
@@ -375,7 +375,7 @@
         href: data-connectors/cisco-asa-ftd-via-ama.md
       - name: Cisco Duo Security (using Azure Functions)
         href: data-connectors/cisco-duo-security-using-azure-functions.md
-      - name: Cisco Firepower eStreamer
+      - name: Cisco Firepower eStreamer (preview)
         href: data-connectors/cisco-firepower-estreamer.md
       - name: Cisco Identity Services Engine
         href: data-connectors/cisco-identity-services-engine.md
@@ -385,11 +385,13 @@
         href: data-connectors/cisco-secure-email-gateway.md
       - name: Cisco Secure Endpoint (AMP) (using Azure Functions)
         href: data-connectors/cisco-secure-endpoint-amp-using-azure-functions.md
+      - name: Cisco Software Defined WAN
+        href: data-connectors/cisco-software-defined-wan.md
       - name: Cisco Stealthwatch
         href: data-connectors/cisco-stealthwatch.md
       - name: Cisco UCS
         href: data-connectors/cisco-ucs.md
-      - name: Cisco Umbrella (using Azure Functions)
+      - name: Cisco Umbrella (using Azure Function)
         href: data-connectors/cisco-umbrella-using-azure-function.md
       - name: Cisco Web Security Appliance
         href: data-connectors/cisco-web-security-appliance.md
@@ -415,6 +417,8 @@
         href: data-connectors/contrast-protect.md
       - name: Corelight
         href: data-connectors/corelight.md
+      - name: Cortex XDR - Incidents
+        href: data-connectors/cortex-xdr-incidents.md
       - name: Crowdstrike Falcon Data Replicator (using Azure Functions)
         href: data-connectors/crowdstrike-falcon-data-replicator-using-azure-functions.md
       - name: CrowdStrike Falcon Endpoint Protection
@@ -549,6 +553,8 @@
         href: data-connectors/mcafee-epolicy-orchestrator-epo.md
       - name: McAfee Network Security Platform
         href: data-connectors/mcafee-network-security-platform.md
+      - name: Microsoft 365
+        href: data-connectors/microsoft-365.md
       - name: Microsoft 365 Defender
         href: data-connectors/microsoft-365-defender.md
       - name: Microsoft 365 Insider Risk Management
@@ -563,26 +569,30 @@
         href: data-connectors/microsoft-defender-for-identity.md
       - name: Microsoft Defender for IoT
         href: data-connectors/microsoft-defender-for-iot.md
-      - name: Microsoft Defender for Office 365
+      - name: Microsoft Defender for Office 365 (preview)
         href: data-connectors/microsoft-defender-for-office-365.md
       - name: Microsoft Defender Threat Intelligence
         href: data-connectors/microsoft-defender-threat-intelligence.md
-      - name: Microsoft Power BI
+      - name: Microsoft Power BI (preview)
         href: data-connectors/microsoft-powerbi.md
-      - name: Microsoft Project
+      - name: Microsoft Project (preview)
         href: data-connectors/microsoft-project.md
       - name: Microsoft Purview (Preview)
         href: data-connectors/microsoft-purview.md
       - name: Microsoft Purview Information Protection
         href: data-connectors/microsoft-purview-information-protection.md
       - name: Microsoft Sysmon For Linux
         href: data-connectors/microsoft-sysmon-for-linux.md
+      - name: MISP2Sentinel
+        href: data-connectors/misp2sentinel.md
       - name: MongoDB Audit
         href: data-connectors/mongodb-audit.md
       - name: Morphisec UTPP
         href: data-connectors/morphisec-utpp.md
       - name: MuleSoft Cloudhub (using Azure Functions)
         href: data-connectors/mulesoft-cloudhub-using-azure-functions.md
+      - name: Nasuni Edge Appliance
+        href: data-connectors/nasuni-edge-appliance.md
       - name: NC Protect
         href: data-connectors/nc-protect.md
       - name: Netclean ProActive Incidents
@@ -607,8 +617,6 @@
         href: data-connectors/nxlog-dns-logs.md
       - name: NXLog LinuxAudit
         href: data-connectors/nxlog-linuxaudit.md
-      - name: Office 365
-        href: data-connectors/office-365.md
       - name: Okta Single Sign-On (using Azure Functions)
         href: data-connectors/okta-single-sign-on-using-azure-function.md
       - name: OneLogin IAM Platform (using Azure Functions)
@@ -630,7 +638,7 @@
       - name: Palo Alto Networks Cortex Data Lake (CDL)
         href: data-connectors/palo-alto-networks-cortex-data-lake-cdl.md
       - name: Palo Alto Prisma Cloud CSPM (using Azure Functions)
-        href: data-connectors/palo-alto-prisma-cloud-cspm-using-azure-function.md
+        href: data-connectors/palo-alto-prisma-cloud-cspm-using-azure-functions.md
       - name: Perimeter 81 Activity Logs
         href: data-connectors/perimeter-81-activity-logs.md
       - name: PingFederate
@@ -640,7 +648,7 @@
       - name: Proofpoint On Demand Email Security (using Azure Functions)
         href: data-connectors/proofpoint-on-demand-email-security-using-azure-functions.md
       - name: Proofpoint TAP (using Azure Functions)
-        href: data-connectors/proofpoint-tap-using-azure-function.md
+        href: data-connectors/proofpoint-tap-using-azure-functions.md
       - name: Pulse Connect Secure
         href: data-connectors/pulse-connect-secure.md
       - name: Qualys VM KnowledgeBase (using Azure Functions)
@@ -652,7 +660,7 @@
       - name: RSA® SecurID (Authentication Manager)
         href: data-connectors/rsa-securid-authentication-manager.md
       - name: Rubrik Security Cloud data connector (using Azure Functions)
-        href: data-connectors/rubrik-security-cloud-data-connector-using-azure-function.md
+        href: data-connectors/rubrik-security-cloud-data-connector-using-azure-functions.md
       - name: SailPoint IdentityNow (using Azure Functions)
         href: data-connectors/sailpoint-identitynow-using-azure-function.md
       - name: Salesforce Service Cloud (using Azure Functions)
@@ -676,7 +684,7 @@
       - name: Sophos Cloud Optix
         href: data-connectors/sophos-cloud-optix.md
       - name: Sophos Endpoint Protection (using Azure Functions)
-        href: data-connectors/sophos-endpoint-protection-using-azure-function.md
+        href: data-connectors/sophos-endpoint-protection-using-azure-functions.md
       - name: Sophos XG Firewall
         href: data-connectors/sophos-xg-firewall.md
       - name: Squid Proxy
@@ -719,6 +727,8 @@
         href: data-connectors/varmour-application-controller.md
       - name: Vectra AI Detect
         href: data-connectors/vectra-ai-detect.md
+      - name: Vectra XDR (using Azure Functions)
+        href: data-connectors/vectra-xdr-using-azure-functions.md
       - name: VMware Carbon Black Cloud (using Azure Functions)
         href: data-connectors/vmware-carbon-black-cloud-using-azure-functions.md
       - name: VMware ESXi

articles/sentinel/create-custom-connector.md

@@ -180,7 +180,7 @@ For examples of this method, see:
 
 - [Connect your VMware Carbon Black Cloud Endpoint Standard to Microsoft Sentinel with Azure Function](./data-connectors/vmware-carbon-black-cloud-using-azure-functions.md)
 - [Connect your Okta Single Sign-On to Microsoft Sentinel with Azure Function](./data-connectors/okta-single-sign-on-using-azure-function.md)
-- [Connect your Proofpoint TAP to Microsoft Sentinel with Azure Function](./data-connectors/proofpoint-tap-using-azure-function.md)
+- [Connect your Proofpoint TAP to Microsoft Sentinel with Azure Function](./data-connectors/proofpoint-tap-using-azure-functions.md)
 - [Connect your Qualys VM to Microsoft Sentinel with Azure Function](data-connectors/qualys-vulnerability-management-using-azure-functions.md)
 - [Ingesting XML, CSV, or other formats of data](../azure-monitor/logs/create-pipeline-datacollector-api.md#ingesting-xml-csv-or-other-formats-of-data)
 - [Monitoring Zoom with Microsoft Sentinel](https://techcommunity.microsoft.com/t5/azure-sentinel/monitoring-zoom-with-azure-sentinel/ba-p/1341516) (blog)

articles/sentinel/data-connectors-reference.md

@@ -3,7 +3,7 @@ title: Find your Microsoft Sentinel data connector | Microsoft Docs
 description: Learn about specific configuration steps for Microsoft Sentinel data connectors.
 author: cwatson-cat
 ms.topic: reference
-ms.date: 07/26/2023
+ms.date: 08/28/2023
 ms.author: cwatson
 ---
 
@@ -108,7 +108,7 @@ Data connectors are available as part of the following offerings:
 
 ## Box
 
-- [Box (using Azure Function)](data-connectors/box-using-azure-function.md)
+- [Box (using Azure Functions)](data-connectors/box-using-azure-functions.md)
 
 ## Broadcom
 
@@ -132,6 +132,7 @@ Data connectors are available as part of the following offerings:
 ## Cisco Systems, Inc.
 
 - [Cisco Firepower eStreamer](data-connectors/cisco-firepower-estreamer.md)
+- [Cisco Software Defined WAN](data-connectors/cisco-software-defined-wan.md)
 
 ## Citrix
 
@@ -197,6 +198,10 @@ Data connectors are available as part of the following offerings:
 - [AI Analyst Darktrace](data-connectors/ai-analyst-darktrace.md)
 - [Darktrace Connector for Microsoft Sentinel REST API](data-connectors/darktrace-connector-for-microsoft-sentinel-rest-api.md)
 
+## Defend Limited
+
+- [Cortex XDR - Incidents](data-connectors/cortex-xdr-incidents.md)
+
 ## Delinea Inc.
 
 - [Delinea Secret Server](data-connectors/delinea-secret-server.md)
@@ -372,6 +377,7 @@ Data connectors are available as part of the following offerings:
 - [Common Event Format (CEF) via AMA](data-connectors/common-event-format-cef-via-ama.md)
 - [DNS](data-connectors/dns.md)
 - [Fortinet FortiWeb Web Application Firewall](data-connectors/fortinet-fortiweb-web-application-firewall.md)
+- [Microsoft 365 (formerly, Office 365)](data-connectors/microsoft-365.md)
 - [Microsoft 365 Defender](data-connectors/microsoft-365-defender.md)
 - [Microsoft 365 Insider Risk Management](data-connectors/microsoft-365-insider-risk-management.md)
 - [Microsoft Defender for Cloud](data-connectors/microsoft-defender-for-cloud.md)
@@ -386,7 +392,6 @@ Data connectors are available as part of the following offerings:
 - [Microsoft Purview (Preview)](data-connectors/microsoft-purview.md)
 - [Microsoft Purview Information Protection](data-connectors/microsoft-purview-information-protection.md)
 - [Network Security Groups](data-connectors/network-security-groups.md)
-- [Office 365](data-connectors/office-365.md)
 - [Security Events via Legacy Agent](data-connectors/security-events-via-legacy-agent.md)
 - [Syslog](data-connectors/syslog.md)
 - [Threat intelligence - TAXII](data-connectors/threat-intelligence-taxii.md)
@@ -414,6 +419,7 @@ Data connectors are available as part of the following offerings:
 - [Forcepoint CSG](data-connectors/forcepoint-csg.md)
 - [Forcepoint DLP](data-connectors/forcepoint-dlp.md)
 - [Forcepoint NGFW](data-connectors/forcepoint-ngfw.md)
+- [MISP2Sentinel](data-connectors/misp2sentinel.md)
 
 ## MongoDB
 
@@ -427,6 +433,10 @@ Data connectors are available as part of the following offerings:
 
 - [MuleSoft Cloudhub (using Azure Functions)](data-connectors/mulesoft-cloudhub-using-azure-functions.md)
 
+## Nasuni Corporation
+
+- [Nasuni Edge Appliance](data-connectors/nasuni-edge-appliance.md)
+
 ## NetClean Technologies AB
 
 - [Netclean ProActive Incidents](data-connectors/netclean-proactive-incidents.md)
@@ -488,7 +498,7 @@ Data connectors are available as part of the following offerings:
 
 - [Palo Alto Networks (Firewall)](data-connectors/palo-alto-networks-firewall.md)
 - [Palo Alto Networks Cortex Data Lake (CDL)](data-connectors/palo-alto-networks-cortex-data-lake-cdl.md)
-- [Palo Alto Prisma Cloud CSPM (using Azure Functions)](data-connectors/palo-alto-prisma-cloud-cspm-using-azure-function.md)
+- [Palo Alto Prisma Cloud CSPM (using Azure Functions)](data-connectors/palo-alto-prisma-cloud-cspm-using-azure-functions.md)
 
 ## Perimeter 81
 
@@ -505,7 +515,7 @@ Data connectors are available as part of the following offerings:
 ## Proofpoint
 
 - [Proofpoint On Demand Email Security (using Azure Functions)](data-connectors/proofpoint-on-demand-email-security-using-azure-functions.md)
-- [Proofpoint TAP (using Azure Functions)](data-connectors/proofpoint-tap-using-azure-function.md)
+- [Proofpoint TAP (using Azure Functions)](data-connectors/proofpoint-tap-using-azure-functions.md)
 
 ## Pulse Secure
 
@@ -526,7 +536,7 @@ Data connectors are available as part of the following offerings:
 
 ## Rubrik, Inc.
 
-- [Rubrik Security Cloud data connector (using Azure Functions)](data-connectors/rubrik-security-cloud-data-connector-using-azure-function.md)
+- [Rubrik Security Cloud data connector (using Azure Functions)](data-connectors/rubrik-security-cloud-data-connector-using-azure-functions.md)
 
 ## SailPoint
 
@@ -571,7 +581,7 @@ Data connectors are available as part of the following offerings:
 ## Sophos
 
 - [Sophos Cloud Optix](data-connectors/sophos-cloud-optix.md)
-- [Sophos Endpoint Protection (using Azure Functions)](data-connectors/sophos-endpoint-protection-using-azure-function.md)
+- [Sophos Endpoint Protection (using Azure Functions)](data-connectors/sophos-endpoint-protection-using-azure-functions.md)
 - [Sophos XG Firewall](data-connectors/sophos-xg-firewall.md)
 
 ## Squid
@@ -627,6 +637,7 @@ Data connectors are available as part of the following offerings:
 
 - [AI Vectra Stream](data-connectors/ai-vectra-stream.md)
 - [Vectra AI Detect](data-connectors/vectra-ai-detect.md)
+- [Vectra XDR (using Azure Functions)](data-connectors/vectra-xdr-using-azure-functions.md)
 
 ## VMware
 

articles/sentinel/data-connectors/amazon-web-services-s3.md

@@ -1,5 +1,5 @@
 ---
-title: "Amazon Web Services S3 connector for Microsoft Sentinel"
+title: "Amazon Web Services S3 connector for Microsoft Sentinel (preview)"
 description: "Learn how to install the connector Amazon Web Services S3 to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
@@ -8,7 +8,7 @@ ms.service: microsoft-sentinel
 ms.author: cwatson
 ---
 
-# Amazon Web Services S3 connector for Microsoft Sentinel
+# Amazon Web Services S3 connector for Microsoft Sentinel (preview)
 
 This connector allows you to ingest AWS service logs, collected in AWS S3 buckets, to Microsoft Sentinel. The currently supported data types are: 
 * AWS CloudTrail