Test the VNet Flow Log integration for XDR for Cloud

Views:

Test the Cloud Detections for Azure VNet Flow Log integration in your Azure cloud environment.

The Cloud Detections for Azure VNet Flow Logs integration allows Trend Vision One to access and monitor your Azure VNet Flow Logs to detect potential threats. The following steps provide a guide on how to test the feature within your environment.

Procedure

Sign in to the Azure account you want to use to test Cloud Detections for Azure VNet Flow Logs.
Review the Cloud Detections for Azure VNet Flow Logs recommendations and requirements.
Add your Azure account to the Cloud Accounts app in Trend Vision One.
Follow the steps in Connect an Azure subscription and enable the following features and permissions:
- Core features
- Cloud Detections for Azure VNet Flow Logs
Note

If you want to test the integration with an Azure subscription, see Connect and update Azure subscriptions.
After your account successfully connects, use XDR Data Explorer to verify data is being sent.
Use one of the following demo attacks to trigger a Workbench alert:
- Demo: Model - Azure VNet traffic with dangerous reputation

Test the VNet Flow Log integration for XDR for Cloud

Procedure

Note