Azure Event Hub

This script fetches the Azure EventHub data and ingests it into Chronicle.

Steps to deploy Azure Function

Download the data connector file i.e Azure_eventhub_API_function_app.json from the repository.
Sign in to your Microsoft Azure portal.
Navigate to Microsoft Sentinel --> Select your workspace from the list --> Select Data Connector in the configuration section.

Note: Set the following flag as true in the url feature.BringYourOwnConnector=true&feature.experimentationflights=ConnectorsKO
Example: https://portal.azure.com/?feature.BringYourOwnConnector=true&feature.experimentationflights=ConnectorsKO#view...

Find the Import button on the page and import the data connector file downloaded in step 1.
Click the Deploy to Azure button to deploy your function and follow the steps mentioned on the same page.
Select the preferred Subscription, Resource Group and Location and provide the required values.
Click Review + Create button.
Click Create to deploy.

Now the deployed Azure function will trigger for new data in Azure Event Hub and ingest them into Chronicle.

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
azure_eventhub_api_function		azure_eventhub_api_function
AzureEventhub.zip		AzureEventhub.zip
Azure_eventhub_API_function_app.json		Azure_eventhub_API_function_app.json
README.md		README.md
azuredeploy_Connector_EventHub_AzureFunctions.json		azuredeploy_Connector_EventHub_AzureFunctions.json
host.json		host.json
proxies.json		proxies.json
requirements.txt		requirements.txt