Trustifi has a built-in Integration with Azure EventHub as an SIEM system which can be used to automatically send different types of data and events from your Trustifi dashboard to your Azure EventHub instance. The integration can automatically send these types of data:
Newly created entries in your inbound quarantined emails in Trustifi
“Account Takeover Protection” incidents
Any newly created audit logs from your Trustifi dashboard
To connect the integration between Trustifi and your Azure EventHub instance, follow the simple steps below:
Step 1 - Navigate to the Azure EventHub Integration Window
The Azure EventHub integration section can be found in either the Inbound Integrations or Outbound Integrations pages in the Trustifi dashboard.
When you are in the “Integrations” page, find the Azure EventHub section and click on it to open the connection pop-up.
Step 2 - Open the Connection Credentials Section
In the “Azure EventHub Integration” pop-up, you will see a general description of how the integration works, as well as the current connection status (initially should be “Disconnected”).
Click on the “Connect” button to open the connection credentials section.
After the connection has been established for this integration (in the next step), you can go back to this screen to use the “Verify connection” option to send a test log from Trustifi to your Azure EventHub instance.
Step 3 - Entering Connection Credentials and Connecting
In the next window you will need to follow these steps to establish the connection between Trustifi and your Azure EventHub instance:
Paste the Azure EventHub connection string which you can copy from your Azure instance
Click on the “Connect” button to establish the connection
This connection process only needs to be done once, after the connection has been established Trustifi will continue to send logs to your Azure EventHub instance continuously.