Documentation Index

Fetch the complete documentation index at: https://docs.trustifi.com/llms.txt

Use this file to discover all available pages before exploring further.

Azure EventHub Integration

  • 1 minute(s) read
Prev Next

Overview

Trustifi provides a built-in integration with Azure EventHub to support Security Information and Event Management (SIEM) workflows. This integration automatically sends security-relevant data and event logs from the Trustifi platform to your Azure EventHub instance for centralized monitoring, correlation, and long-term retention.

Integration Capabilities

Once connected, the Azure EventHub integration automatically exports the following event types from your Trustifi environment:

  • Newly created entries in inbound quarantined emails

  • Account Takeover Protection incidents

  • Newly created audit log entries from the Trustifi dashboard

These events can then be consumed by Azure Sentinel, custom SIEM pipelines, or other Azure EventHub subscribers.


Trustifi has a built-in Integration with Azure EventHub as an SIEM system which can be used to automatically send different types of data and events from your Trustifi dashboard to your Azure EventHub instance. The integration can automatically send these types of data:

  1. Newly created entries in your inbound quarantined emails in Trustifi

  2. “Account Takeover Protection” incidents

  3. Any newly created audit logs from your Trustifi dashboard

To connect the integration between Trustifi and your Azure EventHub instance, follow the simple steps below:

Accessing the Azure EventHub Integration Window

The Azure EventHub integration settings are located in the Trustifi portal under the “Integrations” section. The integration may appear under either “Inbound Integrations” or “Outbound Integrations”, depending on your portal layout.

To open the integration window:

  1. Navigate to the “Integrations” page in the Trustifi admin portal.

  2. Locate the “Azure EventHub” tile.

  3. Click the Azure EventHub tile to open the connection pop-up.


Opening the Connection Credentials Section

The “Azure EventHub Integration” pop-up displays:

  • A general description of how the integration works

  • A list of event types that will be sent

  • The current connection status, which initially shows “Disconnected”

Click “Connect” to open the connection credentials section.


After the connection is established, this same window also provides a “Verify connection” option that allows sending a test log from Trustifi to your Azure EventHub instance.

Entering Connection Credentials and Connecting

In the next window, enter the Azure EventHub connection credentials to establish the link between Trustifi and Azure.

To complete the connection:

  1. Paste the Azure EventHub connection string copied from your Azure EventHub instance into the connection string field.

  2. Click “Connect” to establish the connection.

Connection Persistence

This connection process only needs to be completed once. After the connection is successfully established:

  • Trustifi continuously sends configured event logs to your Azure EventHub instance

  • The connection status updates to show a connected state

  • The “Verify connection” button may be used later to confirm ongoing connectivity