Merge pull request #288949 from Saisang/dataconnectorsautogen-1022

[AUTOGEN] Data connectors monthly update

Author: Jill Grant

articles/sentinel/TOC.yml

@@ -286,6 +286,8 @@
       href: data-connectors/armis-activities.md
     - name: Armis Alerts (using Azure Functions)
       href: data-connectors/armis-alerts.md
+    - name: Armis Alerts Activities (using Azure Functions)
+      href: data-connectors/armis-alerts-activities.md
     - name: Armis Devices (using Azure Functions)
       href: data-connectors/armis-devices.md
     - name: Armorblox (using Azure Functions)
@@ -304,6 +306,8 @@
       href: data-connectors/azure-activity.md
     - name: Azure Batch Account
       href: data-connectors/azure-batch-account.md
+    - name: Azure CloudNGFW By Palo Alto Networks
+      href: data-connectors/azure-cloudngfw-by-palo-alto-networks.md
     - name: Azure Cognitive Search
       href: data-connectors/azure-cognitive-search.md
     - name: Azure DDoS Protection
@@ -362,6 +366,8 @@
       href: data-connectors/corelight-connector-exporter.md
     - name: Cortex XDR - Incidents
       href: data-connectors/cortex-xdr-incidents.md
+    - name: Cribl
+      href: data-connectors/cribl.md
     - name: CrowdStrike Falcon Adversary Intelligence (using Azure Functions)
       href: data-connectors/crowdstrike-falcon-adversary-intelligence.md
     - name: Crowdstrike Falcon Data Replicator (using Azure Functions)
@@ -440,10 +446,22 @@
       href: data-connectors/greynoise-threat-intelligence.md
     - name: HackerView Intergration (using Azure Functions)
       href: data-connectors/hackerview-intergration.md
+    - name: HYAS Protect (using Azure Functions)
+      href: data-connectors/hyas-protect.md
     - name: Holm Security Asset Data (using Azure Functions)
       href: data-connectors/holm-security-asset-data.md
+    - name: Illumio SaaS (using Azure Functions)
+      href: data-connectors/illumio-saas.md
     - name: Imperva Cloud WAF (using Azure Functions)
       href: data-connectors/imperva-cloud-waf.md
+    - name: Infoblox Data Connector via REST API (using Azure Functions)
+      href: data-connectors/infoblox-data-connector-via-rest-api.md
+    - name: Infoblox Cloud Data Connector via AMA
+      href: data-connectors/recommended-infoblox-cloud-data-connector-via-ama.md
+    - name: Infoblox SOC Insight Data Connector via AMA
+      href: data-connectors/recommended-infoblox-soc-insight-data-connector-via-ama.md
+    - name: Infoblox SOC Insight Data Connector via REST API
+      href: data-connectors/infoblox-soc-insight-data-connector-via-rest-api.md
     - name: InfoSecGlobal Data Connector
       href: data-connectors/infosecglobal-data-connector.md
     - name: IONIX Security Logs
@@ -546,8 +564,12 @@
       href: data-connectors/palo-alto-prisma-cloud-cspm.md
     - name: Perimeter 81 Activity Logs
       href: data-connectors/perimeter-81-activity-logs.md
+    - name: Phosphorus Devices
+      href: data-connectors/phosphorus-devices.md
     - name: Prancer Data Connector
       href: data-connectors/prancer-data-connector.md
+    - name: Premium Microsoft Defender Threat Intelligence (Preview)
+      href: data-connectors/premium-microsoft-defender-threat-intelligence.md
     - name: Proofpoint On Demand Email Security (using Azure Functions)
       href: data-connectors/proofpoint-on-demand-email-security.md
     - name: Proofpoint TAP (using Azure Functions)
@@ -556,6 +578,8 @@
       href: data-connectors/qualys-vm-knowledgebase.md
     - name: Qualys Vulnerability Management (using Azure Functions)
       href: data-connectors/qualys-vulnerability-management.md
+    - name: Radiflow iSID via AMA
+      href: data-connectors/radiflow-isid-via-ama.md
     - name: Rapid7 Insight Platform Vulnerability Management Reports (using Azure Functions)
       href: data-connectors/rapid7-insight-platform-vulnerability-management-reports.md
     - name: Rubrik Security Cloud data connector (using Azure Functions)
@@ -572,6 +596,8 @@
       href: data-connectors/sentinelone.md
     - name: Seraphic Web Security
       href: data-connectors/seraphic-web-security.md
+    - name: Silverfort Admin Console
+      href: data-connectors/silverfort-admin-console.md
     - name: Slack Audit (using Azure Functions)
       href: data-connectors/slack-audit.md
     - name: Snowflake (using Azure Functions)
@@ -634,6 +660,10 @@
       href: data-connectors/zero-networks-segment-audit.md
     - name: Zero Networks Segment Audit (Function) (using Azure Functions)
       href: data-connectors/zero-networks-segment-audit.md
+    - name: ZeroFox CTI (using Azure Functions)
+      href: data-connectors/zerofox-cti.md
+    - name: ZeroFox Enterprise - Alerts (Polling CCP)
+      href: data-connectors/zerofox-enterprise-alerts-polling-ccp.md
     - name: Zimperium Mobile Threat Defense
       href: data-connectors/zimperium-mobile-threat-defense.md
     - name: Zoom Reports (using Azure Functions)

articles/sentinel/data-connectors-reference.md

@@ -104,6 +104,7 @@ For more information about the codeless connector platform, see [Create a codele
 
 - [Armis Activities (using Azure Functions)](data-connectors/armis-activities.md)
 - [Armis Alerts (using Azure Functions)](data-connectors/armis-alerts.md)
+- [Armis Alerts Activities (using Azure Functions)](data-connectors/armis-alerts-activities.md)
 - [Armis Devices (using Azure Functions)](data-connectors/armis-devices.md)
 
 ## Armorblox
@@ -175,6 +176,10 @@ For more information about the codeless connector platform, see [Create a codele
 
 - [Corelight Connector Exporter](data-connectors/corelight-connector-exporter.md)
 
+## Cribl
+
+- [Cribl](data-connectors/cribl.md)
+
 ## Crowdstrike
 
 - [CrowdStrike Falcon Adversary Intelligence (using Azure Functions)](data-connectors/crowdstrike-falcon-adversary-intelligence.md)
@@ -278,6 +283,14 @@ For more information about the codeless connector platform, see [Create a codele
 
 - [GreyNoise Threat Intelligence (using Azure Functions)](data-connectors/greynoise-threat-intelligence.md)
 
+## HYAS Infosec Inc
+
+- [HYAS Protect (using Azure Functions)](data-connectors/hyas-protect.md)
+
+## Illumio, Inc.
+
+- [Illumio SaaS (using Azure Functions)](data-connectors/illumio-saas.md)
+
 ## H.O.L.M. Security Sweden AB
 
 - [Holm Security Asset Data (using Azure Functions)](data-connectors/holm-security-asset-data.md)
@@ -286,6 +299,13 @@ For more information about the codeless connector platform, see [Create a codele
 
 - [Imperva Cloud WAF (using Azure Functions)](data-connectors/imperva-cloud-waf.md)
 
+## Infoblox
+
+- [[Recommended] Infoblox Cloud Data Connector via AMA](data-connectors/recommended-infoblox-cloud-data-connector-via-ama.md)
+- [[Recommended] Infoblox SOC Insight Data Connector via AMA](data-connectors/recommended-infoblox-soc-insight-data-connector-via-ama.md)
+- [Infoblox Data Connector via REST API (using Azure Functions)](data-connectors/infoblox-data-connector-via-rest-api.md)
+- [Infoblox SOC Insight Data Connector via REST API](data-connectors/infoblox-soc-insight-data-connector-via-rest-api.md)
+
 ## Infosec Global
 
 - [InfoSecGlobal Data Connector](data-connectors/infosecglobal-data-connector.md)
@@ -348,6 +368,7 @@ For more information about the codeless connector platform, see [Create a codele
 - [Azure Stream Analytics](data-connectors/azure-stream-analytics.md)
 - [Syslog via AMA](data-connectors/syslog-via-ama.md)
 - [Microsoft Defender Threat Intelligence (Preview)](data-connectors/microsoft-defender-threat-intelligence.md)
+- [Premium Microsoft Defender Threat Intelligence (Preview)](data-connectors/premium-microsoft-defender-threat-intelligence.md)
 - [Threat intelligence - TAXII](data-connectors/threat-intelligence-taxii.md)
 - [Threat Intelligence Platforms](data-connectors/threat-intelligence-platforms.md)
 - [Threat Intelligence Upload Indicators API (Preview)](data-connectors/threat-intelligence-upload-indicators-api.md)
@@ -423,11 +444,16 @@ For more information about the codeless connector platform, see [Create a codele
 ## Palo Alto Networks
 
 - [Palo Alto Prisma Cloud CSPM (using Azure Functions)](data-connectors/palo-alto-prisma-cloud-cspm.md)
+- [Azure CloudNGFW By Palo Alto Networks](data-connectors/azure-cloudngfw-by-palo-alto-networks.md)
 
 ## Perimeter 81
 
 - [Perimeter 81 Activity Logs](data-connectors/perimeter-81-activity-logs.md)
 
+## Phosphorus Cybersecurity 
+
+- [Phosphorus Devices](data-connectors/phosphorus-devices.md)
+
 ## Prancer Enterprise
 
 - [Prancer Data Connector](data-connectors/prancer-data-connector.md)
@@ -442,6 +468,10 @@ For more information about the codeless connector platform, see [Create a codele
 - [Qualys Vulnerability Management (using Azure Functions)](data-connectors/qualys-vulnerability-management.md)
 - [Qualys VM KnowledgeBase (using Azure Functions)](data-connectors/qualys-vm-knowledgebase.md)
 
+## Radiflow
+
+- [Radiflow iSID via AMA](data-connectors/radiflow-isid-via-ama.md)
+
 ## Rubrik, Inc.
 
 - [Rubrik Security Cloud data connector (using Azure Functions)](data-connectors/rubrik-security-cloud-data-connector.md)
@@ -470,6 +500,10 @@ For more information about the codeless connector platform, see [Create a codele
 
 - [Seraphic Web Security](data-connectors/seraphic-web-security.md)
 
+## Silverfort Ltd.
+
+- [Silverfort Admin Console](data-connectors/silverfort-admin-console.md)
+
 ## Slack
 
 - [Slack Audit (using Azure Functions)](data-connectors/slack-audit.md)
@@ -545,6 +579,11 @@ For more information about the codeless connector platform, see [Create a codele
 - [Zero Networks Segment Audit](data-connectors/zero-networks-segment-audit.md)
 - [Zero Networks Segment Audit (Function) (using Azure Functions)](data-connectors/zero-networks-segment-audit.md)
 
+## Zerofox, Inc.
+
+- [ZeroFox CTI (using Azure Functions)](data-connectors/zerofox-cti.md)
+- [ZeroFox Enterprise - Alerts (Polling CCP)](data-connectors/zerofox-enterprise-alerts-polling-ccp.md)
+
 ## Zimperium, Inc.
 
 - [Zimperium Mobile Threat Defense](data-connectors/zimperium-mobile-threat-defense.md)

articles/sentinel/data-connectors/abnormalsecurity.md

@@ -3,7 +3,7 @@ title: "AbnormalSecurity (using Azure Functions) connector for Microsoft Sentine
 description: "Learn how to install the connector AbnormalSecurity (using Azure Functions) to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 04/26/2024
+ms.date: 10/15/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ms.collection: sentinel-data-connector
@@ -109,7 +109,7 @@ If you're already signed in, go to the next step.
 
 	d. **Enter a globally unique name for the function app:** Type a name that is valid in a URL path. The name you type is validated to make sure that it's unique in Azure Functions. (e.g. AbnormalSecurityXX).
 
-	e. **Select a runtime:** Choose Python 3.8.
+	e. **Select a runtime:** Choose Python 3.11.
 
 	f. Select a location for new resources. For better performance and lower costs choose the same [region](https://azure.microsoft.com/regions/) where Microsoft Sentinel is located.
 

articles/sentinel/data-connectors/alicloud.md

@@ -3,7 +3,7 @@ title: "AliCloud (using Azure Functions) connector for Microsoft Sentinel"
 description: "Learn how to install the connector AliCloud (using Azure Functions) to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 04/26/2024
+ms.date: 10/15/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ms.collection: sentinel-data-connector
@@ -113,7 +113,7 @@ If you're already signed in, go to the next step.
 
 	d. **Enter a globally unique name for the function app:** Type a name that is valid in a URL path. The name you type is validated to make sure that it's unique in Azure Functions. (e.g. AliCloudXXXXX).
 
-	e. **Select a runtime:** Choose Python 3.8.
+	e. **Select a runtime:** Choose Python 3.11.
 
 	f. Select a location for new resources. For better performance and lower costs choose the same [region](https://azure.microsoft.com/regions/) where Microsoft Sentinel is located.
 

articles/sentinel/data-connectors/api-protection.md

@@ -3,7 +3,7 @@ title: "API Protection connector for Microsoft Sentinel"
 description: "Learn how to install the connector API Protection to connect your data source to Microsoft Sentinel."
 author: cwatson-cat
 ms.topic: how-to
-ms.date: 04/26/2024
+ms.date: 10/15/2024
 ms.service: microsoft-sentinel
 ms.author: cwatson
 ms.collection: sentinel-data-connector
@@ -65,7 +65,7 @@ The installation process is documented in great detail in the GitHub repository
 
 Step 2: Retrieve the workspace access credentials
 
-The first installation step is to retrieve both your **Workspace ID** and **Primary Key** from the Sentinel platform.
+The first installation step is to retrieve both your **Workspace ID** and **Primary Key** from the Microsoft Sentinel platform.
 Copy the values shown below and save them for configuration of the API log forwarder integration.
 
 
@@ -89,15 +89,15 @@ In order to test the data ingestion the user should deploy the sample *httpbin*
 
 4.1 Install the sample
 
-The sample application can be installed locally using a [Docker compose file](https://github.com/42Crunch/azure-sentinel-integration/blob/main/sample-deployment/docker-compose.yml) which will install the httpbin API server, the 42Crunch API protection and the Sentinel log forwarder. Set the environment variables as required using the values copied from step 2.
+The sample application can be installed locally using a [Docker compose file](https://github.com/42Crunch/azure-sentinel-integration/blob/main/sample-deployment/docker-compose.yml) which will install the httpbin API server, the 42Crunch API protection and the Microsoft Sentinel log forwarder. Set the environment variables as required using the values copied from step 2.
 
 4.2 Run the sample
 
 Verfify the API protection is connected to the 42Crunch platform, and then exercise the API locally on the *localhost* at port 8080 using Postman, curl, or similar. You should see a mixture of passing and failing API calls. 
 
 4.3 Verify the data ingestion on Log Analytics
 
-After approximately 20 minutes access the Log Analytics workspace on your Sentinel installation, and locate the *Custom Logs* section verify that a *apifirewall_log_1_CL* table exists. Use the sample queries to examine the data.
+After approximately 20 minutes access the Log Analytics workspace on your Microsoft Sentinel installation, and locate the *Custom Logs* section verify that a *apifirewall_log_1_CL* table exists. Use the sample queries to examine the data.