Details
Content
Dependencies
Version History

Use Azure Data Explorer integration to collect and analyze data inside clusters of Azure Data Explorer and manage search queries.

Azure Data Explorer Pack

Use the Azure Data Explorer pack to collect and analyze data inside Azure Data Explorer clusters, and to manage search queries.

What does this pack do?

Execute a Kusto Query Language (KQL) query against the given database inside a cluster.
List search queries that have reached a final state in the given database.
List currently executing search queries in the given database.
Start a best-effort attempt to cancel a specific running search query in the specified database.
Start, complete, or rerun the authorization process.
Rest the connectivity to Azure Data Explorer.

This pack contains an integration, which was integrated and tested with version V1 of AzureDataExplorer.

Azure Data Explorer Pack

Use the Azure Data Explorer pack to collect and analyze data inside Azure Data Explorer clusters, and to manage search queries.

What does this pack do?

Execute a Kusto Query Language (KQL) query against the given database inside a cluster.
List search queries that have reached a final state in the given database.
List currently executing search queries in the given database.
Start a best-effort attempt to cancel a specific running search query in the specified database.
Start, complete, or rerun the authorization process.
Rest the connectivity to Azure Data Explorer.

This pack contains an integration, which was integrated and tested with version V1 of AzureDataExplorer.

Integrations

Name	Description
Azure Data Explorer	Use the Azure Data Explorer integration to collect and analyze data inside Azure Data Explorer clusters, and to manage search queries.

Integrations

Name	Description
Azure Data Explorer	Use the Azure Data Explorer integration to collect and analyze data inside Azure Data Explorer clusters, and to manage search queries.

Pack Name	Pack By
Base	By: Cortex XSOAR

Pack Name	Pack By
Base	By: Cortex XSOAR

1.3.6 - 1669335 (November 19, 2024)

Integrations

Azure Data Explorer

Fixed an issue in MicrosoftApiModule where the GCC High Defender endpoint was incorrect.

Related pull requests:
- 37253

Download

1.3.5 - 1666862 (November 18, 2024)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.116752.

Related pull requests:
- 37228
- 37223

Download

1.3.4 - 1615839 (November 10, 2024)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.115527.

Related pull requests:
- 37120
- 37113

Download

1.3.3 - 1480610 (October 8, 2024)

Integrations

Azure Data Explorer

Added infrastructure support for Microsoft Graph Application endpoints.

Related pull requests:
- 36407

Download

1.3.2 - 1259921 (August 11, 2024)

Integrations

Azure Data Explorer

Maintenance and stability enhancements.

Related pull requests:
- 35643

Download

1.3.1 - 1244506 (August 5, 2024)

Integrations

Azure Data Explorer

Updated the MicrosoftApiModule with exchange_online endpoints.

Related pull requests:
- 34917
- 34909
- 34903
- 34906
- 34147
- 34217
- 34908
- 34619
- 34911
- 34823
- 34837
- 34918
- 34816
- 34630
- 34871
- 34767
- 34879
- 34912
- 34840
- 34931
- 34892
- 34920
- 34926
- 34814
- 34811
- 34964
- 34967
- 34979
- 34921
- 34990
- 34896
- 34966
- 34985
- 34983
- 34255
- 34975
- 34999
- 34913
- 35000
- 34990
- 35002
- 34932
- 34862
- 35005
- 34868
- 34977
- 35009
- 34969
- 34591
- 34693
- 34657
- 34671
- 34681
- 34676
- 34672
- 34372
- 34701
- 34660
- 34684
- 34700
- 34702
- 34696
- 34117
- 34704
- 34706
- 34692
- 33735
- 34714
- 34703
- 34353
- 34725
- 34694
- 34734
- 34640
- 34724
- 34652
- 34443
- 34730
- 34653
- 34732
- 34667
- 34709
- 34755
- 34759
- 32423
- 34598
- 34758
- 34745
- 34762
- 34327
- 34742
- 34474
- 34766
- 34774
- 34782
- 34763
- 34756
- 34747
- 34645
- 34532
- 34675
- 34777
- 34788
- 34804
- 34729
- 34796
- 34691
- 34784
- 34783
- 34765
- 34485
- 34768
- 34593
- 34813
- 34818
- 34832
- 34772
- 34830
- 34833
- 34829
- 34834
- 34839
- 34828
- 34388
- 34838
- 34761
- 34858
- 34861
- 34764
- 34738
- 34538
- 34831
- 34748
- 34846
- 34845
- 34864
- 34817
- 34686
- 34865
- 34867
- 34863
- 34880
- 34876
- 34386
- 34881
- 34884
- 34799
- 34827
- 34883
- 34886
- 34512
- 34887
- 34889
- 34877
- 34904
- 34905
- 34909
- 34903
- 34906
- 34147
- 34217
- 34908
- 34619
- 34911
- 34823
- 34837
- 34918
- 34816
- 34630
- 34871
- 34767
- 34879
- 34912
- 34840
- 34931
- 34892
- 34920
- 34926
- 34814
- 34811
- 34964
- 34967
- 34979
- 34921
- 34990
- 34896
- 34966
- 34985
- 34983
- 34255
- 34608
- 35026
- 35029
- 35015
- 35023
- 34776
- 34654
- 34978
- 34986
- 34938
- 34506
- 35011
- 35014
- 34779
- 35019
- 35039
- 34897
- 35049
- 35016
- 35046
- 35051
- 35040
- 34614
- 32477

Download

1.3.0 - 1124076 (June 26, 2024)

Integrations

Azure Data Explorer

Added support for the Client Credentials authentication flow.

Related pull requests:
- 35010

Download

1.2.43 - 1066075 (June 3, 2024)

Integrations

Azure Data Explorer

Fixed an issue in where the GCC endpoints were incorrect in the supported integrations.

Related pull requests:
- 34634

Download

1.2.42 - 1051712 (May 28, 2024)

Integrations

Azure Data Explorer

Added support for Microsoft Defender 365 Endpoint in the Microsoft API Module.
Updated the MicrosoftApiModule to better handle the Authorization Code flow in the supported integrations.

Related pull requests:
- 34495

Download

1.2.41 - 1021616 (May 16, 2024)

Integrations

Azure Data Explorer

Fixed an issue in MicrosoftApiModule where the GCC endpoints were incorrect.
Fixed an issue where the scope was incorrect for the Authorization Code Flow.
Updated the Docker image to: demisto/auth-utils:1.0.0.94075.

Related pull requests:
- 34346

Download

1.2.39 - 919924 (March 28, 2024)

Integrations

Azure Data Explorer

Added a timeout value to the retry on rate limit mechanism.

Related pull requests:
- 33566

Download

1.2.38 - 860237 (February 29, 2024)

Integrations

Azure Data Explorer

Added support for the OAuth consent dialog after the user signs in using the azure-data-explorer-generate-login-url command.

Related pull requests:
- 31942

Download

1.2.37 - 823153 (February 12, 2024)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.87472.

Related pull requests:
- 32847

Download

1.2.36 - 798475 (February 1, 2024)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.86556.

Related pull requests:
- 32527

Download

1.2.35 - 760302 (January 14, 2024)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.84760.

Related pull requests:
- 32160

Download

1.2.34 - 722180 (December 28, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.83934.

Related pull requests:
- 31831

Download

1.2.33 - 7161298 (December 14, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.83550.

Related pull requests:
- 31472

Download

1.2.32 - 7029664 (November 30, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.81563.

Related pull requests:
- 31207

Download

PUBLISHER

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	December 27, 2021
Last Release	November 19, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.