Add Azure Sentinel Integration

workspaceId={value}

Provide the unique Id assigned to the workspace in Azure Sentinel.

primaryKey={value}

Provide the primary key Id assigned to the workspace in Azure Sentinel.

name={value}

Provide a unique name for the integration in the API request. The maximum length allowed for name is 50 characters.

baseCategory={IG|Potential| Confirmed}

Category of the vulnerabilities fetched from Qualys (VM/VMDR app) to be posted on the Azure Sentinel. The valid values are IG, Confirmed, and Potential.

By default, it is configured to Confirmed. In this case, only confirmed vulnerabilities are included. If you configure the baseCategory as Potential, both Potential and Confirmed vulnerabilities are included.If you configure the baseCategory as IG, all three categories: IG, Potential and Confirmed vulnerabilities are included.

customLogName={value}

Provide a unique name for the data collector APIs. You can identify the log details with the name you provide. If you do not provide a custom log name, we use QUALYS_SECURITY_VM_FINDINGS by default.

The custom log name can only contain letters, numbers, and underscore (_), and should not exceed 100 characters.

minSeverity={value}

The minimum severity level of the vulnerabilities fetched from Qualys (VM/VMDR app) to be posted on the Azure Sentinel. By default, it is configured to severity level 3 and above. For example, if you set the value to 1, all findings with severity level 1 to 5 are fetched and available on Azure Sentinel.

resultSectionNeeded={true|false}

Set this to true to include the result section in the response. If you want to exclude the result section, set this parameter to false. By default, the resultSectionNeeded parameter is configured to false.

apiVersion={value}

Azure Sentinel data collector API version. By default, 2016-04-01 API version is used. For more information on supported API version refer to Data Collector API learn page.