Skip to main content
With the Microsoft Sentinel integration, you can automatically send Plerion alerts into Microsoft Sentinel as incidents, allowing your security team to investigate and respond within their existing SIEM workflows.
Note: This is a one-way outbound integration. Alerts created or updated in Plerion will appear in Microsoft Sentinel, but changes made in Sentinel will not sync back to Plerion.

Steps to integrate Microsoft Sentinel with Plerion

1

On the Plerion dashboard, go to Settings > Integrations

Plerion dashboard with Settings expanded and Integrations selected
2

Find Microsoft Sentinel and click the + button

Integrations page with Microsoft Sentinel option and plus button
3

On the Connect Sentinel page, enter a name for your integration

Connect Microsoft Sentinel page showing Integration name field
4

Enter your Microsoft Azure credentials

Provide the following details from your Azure environment:
  • Application ID
  • Directory ID
  • Client Secret
  • Subscription ID
Then select Next.
Microsoft Sentinel integration setup fields on Azure

Microsoft Sentinel integration setup fields on Plerion
5

Choose your Sentinel workspace settings

Select the workspace, resource group for Plerion alerts created in Sentinel.
Add Sentinel workspace and resource group
6

Test your Microsoft Sentinel integration

Click Send test message to confirm the configuration. A test incident will be created in your chosen Sentinel workspace.
Plerion platform showing test message creation for Microsoft Sentinel

Microsoft Sentinel console showing test incident created from Plerion
7

Finalize the setup

Click Add to complete the integration.