cudeso / misp2sentinel

MISP to Sentinel integration
MIT License

Unable to connect "MISP2Sentinel" Data connector #90

Closed MK1902 closed 2 months ago

MK1902 commented 2 months ago

We have followed all the steps mentioned in the document "https://github.com/cudeso/misp2sentinel?tab=readme-ov-file#misp", but the MISP2Sentinel Data connector is still in a disconnected state.

We have checked with Microsoft, and they suggested that this connector is owned by GitHub. So please check with GitHub support. Please suggest.


cudeso commented 2 months ago

Hello.

Please check that you have followed all steps under https://github.com/cudeso/misp2sentinel/blob/main/README.md#azure ; you can also use the documentation from Microsoft at https://learn.microsoft.com/en-us/azure/sentinel/connect-threat-intelligence-upload-api for cross-reference. Then set up the Python script on your MISP server with the Azure app/etc credentials and the MISP REST API key. Limit the search to one event (specify this in misp_event_filters) and run the synchronisation script with verbose logging (verbose_log). This should tell you if the connection is up. Once the script is able to synchronise data from the MISP server to Sentinel, the connector should be connected.

cudeso commented 2 months ago

Closing pending feedback.