Configure the integration to view TrendAI Vision One™ Workbench alerts and Observed Attack Techniques events directly in the Microsoft Sentinel platform.
The connector includes the following resources to enhance your monitoring and
investigation capabilities:
-
Workbook that provides insights into alert trends and impacted hosts
-
Rule templates to create incidents for alerts based on severity
Procedure
- Create a Microsoft Sentinel workspace.For more information, see https://docs.microsoft.com/en-us/learn/modules/create-manage-azure-sentinel-workspaces/.
- Configure and deploy the connector.For more information, see Deploy the TrendAI Vision One™ connector in Microsoft Sentinel.
- View the ingested data in your Log Analytics workspace.For more information, see View the ingested data in Log Analytics workspaces.