Details
Content
Dependencies
Version History

Use Azure Data Explorer integration to collect and analyze data inside clusters of Azure Data Explorer and manage search queries.

Azure Data Explorer Pack

Use the Azure Data Explorer pack to collect and analyze data inside Azure Data Explorer clusters, and to manage search queries.

What does this pack do?

Execute a Kusto Query Language (KQL) query against the given database inside a cluster.
List search queries that have reached a final state in the given database.
List currently executing search queries in the given database.
Start a best-effort attempt to cancel a specific running search query in the specified database.
Start, complete, or rerun the authorization process.
Rest the connectivity to Azure Data Explorer.

This pack contains an integration, which was integrated and tested with version V1 of AzureDataExplorer.

Azure Data Explorer Pack

Use the Azure Data Explorer pack to collect and analyze data inside Azure Data Explorer clusters, and to manage search queries.

What does this pack do?

Execute a Kusto Query Language (KQL) query against the given database inside a cluster.
List search queries that have reached a final state in the given database.
List currently executing search queries in the given database.
Start a best-effort attempt to cancel a specific running search query in the specified database.
Start, complete, or rerun the authorization process.
Rest the connectivity to Azure Data Explorer.

This pack contains an integration, which was integrated and tested with version V1 of AzureDataExplorer.

Integrations

Name	Description
Azure Data Explorer	Use the Azure Data Explorer integration to collect and analyze data inside Azure Data Explorer clusters, and to manage search queries.

Integrations

Name	Description
Azure Data Explorer	Use the Azure Data Explorer integration to collect and analyze data inside Azure Data Explorer clusters, and to manage search queries.

Pack Name	Pack By
Base	By: Cortex XSOAR

Pack Name	Pack By
Base	By: Cortex XSOAR

1.2.39 - 919924 (March 28, 2024)

Integrations

Azure Data Explorer

Added a timeout value to the retry on rate limit mechanism.

Related pull requests:
- 33566

Download

1.2.38 - 860237 (February 29, 2024)

Integrations

Azure Data Explorer

Added support for the OAuth consent dialog after the user signs in using the azure-data-explorer-generate-login-url command.

Related pull requests:
- 31942

Download

1.2.37 - 823153 (February 12, 2024)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.87472.

Related pull requests:
- 32847

Download

1.2.36 - 798475 (February 1, 2024)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.86556.

Related pull requests:
- 32527

Download

1.2.35 - 760302 (January 14, 2024)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.84760.

Related pull requests:
- 32160

Download

1.2.34 - 722180 (December 28, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.83934.

Related pull requests:
- 31831

Download

1.2.33 - 7161298 (December 14, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.83550.

Related pull requests:
- 31472

Download

1.2.32 - 7029664 (November 30, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.81563.

Related pull requests:
- 31207

Download

1.2.31 - 6636841 (October 18, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.77807.

Related pull requests:
- 30241

Download

1.2.30 - 6580543 (October 12, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/auth-utils:1.0.0.76157.

Related pull requests:
- 29574

Download

1.2.29 - 6367558 (September 19, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.74092.

Related pull requests:
- 29744

Download

1.2.28 - 6226805 (September 3, 2023)

Integrations

Azure Data Explorer

Added a moderate retry mechanism for the authorization HTTP request through oproxy.

Related pull requests:
- 29015

Download

1.2.27 - 6170593 (August 28, 2023)

Integrations

Azure Data Explorer

Added an infrastructure support for Microsoft Graph Application Endpoints.

Related pull requests:
- 28801

Download

1.2.26 - 6133197 (August 23, 2023)

Integrations

Azure Data Explorer

Fixed an issue where instances using version 1.2.25 of the pack could have authentication issues.

Related pull requests:
- 29173

Download

1.2.25 - 6106826 (August 21, 2023)

Integrations

Azure Data Explorer

Fixed an issue where changes made to the Authorization code parameter were not being reflected in the integration code, resulting in the continued use of the first parameter.

Related pull requests:
- 29035
- 29173

Download

1.2.24 - 6010750 (August 10, 2023)

Integrations

Azure Data Explorer

Added support for Microsoft Defender for Application Endpoints in the Microsoft API Module.

Related pull requests:
- 27705

Download

1.2.23 - 5910354 (July 30, 2023)

Integrations

Azure Data Explorer

Maintenance and stability enhancements.

Related pull requests:
- 26482

Download

1.2.22 - 5883145 (July 27, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.66840.

Related pull requests:
- 28550

Download

1.2.21 - R5866730 (July 25, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.65015.

Related pull requests:
- 28128

Download

1.2.20 - R5692327 (July 5, 2023)

Integrations

Azure Data Explorer

Improved implementation by adding functionality to the MicrosoftAPIModule to be used in integrations that allow arguments to be set in the instance configuration or within the commands.
Improved implementation by adding functionality to the MicrosoftAPIModule to be used in integrations that use 'tag' as a filter.

Related pull requests:
- 26943

Download

1.2.19 - 5553783 (June 17, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.63812.

Related pull requests:
- 27512

Download

1.2.18 - 5410099 (May 31, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.61722.

Related pull requests:
- 27088

Download

1.2.17 - 5277943 (May 16, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.58903.

Related pull requests:
- 26528

Download

1.2.16 - R5170573 (May 2, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.56571.

Related pull requests:
- 26177

Download

1.2.15 - 5057113 (April 17, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.55044.

Related pull requests:
- 25877

Download

1.2.14 - 4954430 (April 2, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.52535.
Added support for old docker images which do not have the defusedxml package.

Related pull requests:
- 25670

Download

1.2.12 - 4835020 (March 17, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.49635.

Related pull requests:
- 25347

Download

1.2.11 - 4718798 (March 1, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.49428.

Related pull requests:
- 24959

Download

1.2.10 - R4646022 (February 19, 2023)

Integrations

Azure Data Explorer

Improved implementation of the authorization process with the Oproxy server.
Fixed an issue where linter failed due to pylint errors.
Added the azure-data-explorer-generate-login-url command to easily get the auth code.
Updated the Docker image to: demisto/azure-kusto-data:1.0.0.48291.

Related pull requests:
- 24261

Download

1.2.7 - 4560457 (February 7, 2023)

Integrations

Azure Data Explorer

Updated MicrosoftApiModule to support authentication using Azure Managed Identities.

Related pull requests:
- 23951

Download

1.2.6 - 4410080 (January 17, 2023)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.44974.

Related pull requests:
- 23868

Download

1.2.5 - 4247670 (December 19, 2022)

Integrations

Azure Data Explorer

Fixed an issue where in some rare cases, commands would fail with a 'NoneType' object is not subscriptable message.

Related pull requests:
- 23140

Download

1.2.4 - 4213299 (December 13, 2022)

Integrations

Azure Data Explorer

Updated the Docker image to: demisto/azure-kusto-data:1.0.0.40909.

Related pull requests:
- 23000

Download

1.2.3 - 4112675 (November 28, 2022)

Integrations

Azure Data Explorer

Fixed an issue where error was raised due to api metrics creation attempt from a script execution.

Related pull requests:
- 22476

Download

1.2.2 - 4013107 (November 11, 2022)

Integrations

Azure Data Explorer

Internal code improvements.

Related pull requests:
- 22120

Download

1.2.1 - 3982079 (November 6, 2022)

Integrations

Azure Data Explorer

Internal code improvements.

Related pull requests:
- 21879

Download

1.2.0 - R3901212 (October 23, 2022)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 21461

Download

1.1.0 - 3570916 (August 31, 2022)

Integrations

Azure Data Explorer

Added the ability to configure an instance using user authentication flow.

Related pull requests:
- 20701

Download

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	December 27, 2021
Last Release	March 28, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.