Skip to content

Commit 8f31bbb

Browse files
EdB-MSFTEdB-MSFT
authored
Update connector-details.md
1 parent d14f3a7 commit 8f31bbb

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

articles/sentinel/includes/connector-details.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
author: EdB-MSFT
33
ms.author: edbayansh
44
ms.topic: include
5-
ms.date: 07/09/2025
5+
ms.date: 07/08/2025
66
---
77

88
## Sentinel data connectors
@@ -259,4 +259,4 @@ ms.date: 07/09/2025
259259
|<a name="zerofox-cti-using-azure-functions"></a><details><summary>**ZeroFox CTI (using Azure Functions)** </summary> <br> The ZeroFox CTI data connectors provide the capability to ingest the different [ZeroFox](https://www.zerofox.com/threat-intelligence/) cyber threat intelligence alerts into Microsoft Sentinel.<p> **Log Analytics table(s):** <br> - `ZeroFox_CTI_advanced_dark_web_CL`<br>- `ZeroFox_CTI_botnet_CL`<br>- `ZeroFox_CTI_breaches_CL`<br>- `ZeroFox_CTI_C2_CL`<br>- `ZeroFox_CTI_compromised_credentials_CL`<br>- `ZeroFox_CTI_credit_cards_CL`<br>- `ZeroFox_CTI_dark_web_CL`<br>- `ZeroFox_CTI_discord_CL`<br>- `ZeroFox_CTI_disruption_CL`<br>- `ZeroFox_CTI_email_addresses_CL`<br>- `ZeroFox_CTI_exploits_CL`<br>- `ZeroFox_CTI_irc_CL`<br>- `ZeroFox_CTI_malware_CL`<br>- `ZeroFox_CTI_national_ids_CL`<br>- `ZeroFox_CTI_phishing_CL`<br>- `ZeroFox_CTI_phone_numbers_CL`<br>- `ZeroFox_CTI_ransomware_CL`<br>- `ZeroFox_CTI_telegram_CL`<br>- `ZeroFox_CTI_threat_actors_CL`<br>- `ZeroFox_CTI_vulnerabilities_CL`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).<p> - **ZeroFox API Credentials/permissions**: **ZeroFox Username**, **ZeroFox Personal Access Token** are required for ZeroFox CTI REST API.</details> | [ZeroFox](https://www.zerofox.com/contact-us/) |
260260
|<a name="zerofox-enterprise---alerts-polling-ccp"></a><details><summary>**ZeroFox Enterprise - Alerts (Polling CCF)** </summary> <br> Collects alerts from ZeroFox API.<p> **Log Analytics table(s):** <br> - `ZeroFoxAlertPoller_CL`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **ZeroFox Personal Access Token (PAT)**: A ZeroFox PAT is required. You can get it in Data Connectors > [API Data Feeds](https://cloud.zerofox.com/data_connectors/api).</details> | [ZeroFox](https://www.zerofox.com/contact-us/) |
261261
|<a name="zimperium-mobile-threat-defense"></a><details><summary>**Zimperium Mobile Threat Defense** </summary> <br> Zimperium Mobile Threat Defense connector gives you the ability to connect the Zimperium threat log with Microsoft Sentinel to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization's mobile threat landscape and enhances your security operation capabilities.<p> **Log Analytics table(s):** <br> - `ZimperiumThreatLog_CL`<p>**Data collection rule support:** <br>Not currently supported</details> | [Zimperium](https://www.zimperium.com/support/) |
262-
|<a name="zoom-reports-using-azure-functions"></a><details><summary>**Zoom Reports (using Azure Functions)** </summary> <br> The [Zoom](https://zoom.us/) Reports data connector provides the capability to ingest [Zoom Reports](https://developers.zoom.us/docs/api/rest/reference/zoom-api/methods/#tag/Reports) events into Microsoft Sentinel through the REST API. Refer to [API documentation](https://developers.zoom.us/docs/api/) for more information. The connector enables event retrieval to assess potential security risks, monitor collaboration, and diagnose and troubleshoot configuration issues.<p> **Log Analytics table(s):** <br> - `Zoom_CL`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).<p> - **REST API Credentials/permissions**: **AccountID**, **ClientID** and **ClientSecret** are required for Zoom API. For more information, see [Zoom API](https://developers.zoom.us/docs/internal-apps/create/). [Follow the instructions for Zoom API configurations](https://aka.ms/sentinel-zoomreports-readme).</details> | [Microsoft Corporation](https://support.microsoft.com/) |
262+
|<a name="zoom-reports-using-azure-functions"></a><details><summary>**Zoom Reports (using Azure Functions)** </summary> <br> The [Zoom](https://zoom.us/) Reports data connector provides the capability to ingest [Zoom Reports](https://developers.zoom.us/docs/api/rest/reference/zoom-api/methods/#tag/Reports) events into Microsoft Sentinel through the REST API. Refer to [API documentation](https://developers.zoom.us/docs/api/) for more information. The connector enables event retrieval to assess potential security risks, monitor collaboration, and diagnose and troubleshoot configuration issues.<p> **Log Analytics table(s):** <br> - `Zoom_CL`<p>**Data collection rule support:** <br>Not currently supported<p>**Prerequisites:**<br> - **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).<p> - **REST API Credentials/permissions**: **AccountID**, **ClientID** and **ClientSecret** are required for Zoom API. For more information, see [Zoom API](https://developers.zoom.us/docs/internal-apps/create/). [Follow the instructions for Zoom API configurations](https://aka.ms/sentinel-zoomreports-readme).</details> | [Microsoft Corporation](https://support.microsoft.com/) |

0 commit comments

Comments
 (0)