[AUTOGEN] PR for Sentinel connectors

v-alje · v-alje · commit c0ba9099b446 · 2026-04-06T12:06:49.000-07:00
diff --git a/articles/sentinel/includes/connector-details.md b/articles/sentinel/includes/connector-details.md
@@ -2,7 +2,7 @@
 author: EdB-MSFT
 ms.author: edbaynash
 ms.topic: include
-ms.date: 03/30/2026
+ms.date: 04/06/2026
 
 # This file is auto-generated. Do not edit manually. Changes will be overwritten.
 ---
@@ -58,6 +58,23 @@ This solution depends on the following technologies, and some of which may be in
 
  ---
    
+<a name="a365-observability"></a><details><summary>**A365 Observability**</summary>
+
+**Supported by:** [Microsoft Corporation](https://support.microsoft.com/)
+
+A365 Observability data connector gives richer insights into AI agent activity by bringing AI agent telemetry from A365, AI Foundry, and Copilot in the Microsoft Sentinel data lake to investigate agent behavior, tool usage, and execution with hunting, graph, and MCP workflows. Data from this connector is used to investigate AI agent behavior, tool usage, and execution in Microsoft Sentinel. If you have enabled these workflows, deactivating this connector will prevent those investigations from being performed.
+
+**Log Analytics table(s):**  
+
+|Table|DCR support|Lake-only ingestion|
+|---|---|---|
+
+
+**Data collection rule support:** Not currently supported<br><br>
+</details> 
+
+ ---
+   
 <a name="abnormalsecurity-using-azure-function"></a><details><summary>**AbnormalSecurity (using Azure Function)**</summary>
 
 **Supported by:** [Abnormal Security](https://abnormalsecurity.com/contact)
@@ -123,6 +140,27 @@ The [Alibaba Cloud ActionTrail](https://www.alibabacloud.com/product/actiontrail
 
  ---
    
+<a name="alibaba-cloud-networking-data-connector-via-codeless-connector-framework"></a><details><summary>**Alibaba Cloud Networking Data Connector (via Codeless Connector Framework)**</summary>
+
+**Supported by:** [Microsoft Corporation](https://support.microsoft.com/)
+
+The Alibaba Cloud Networking data connector provides the capability to ingest [Alibaba Cloud](https://www.alibabacloud.com/) networking data into Microsoft Sentinel through the Simple Log Service (SLS) REST API. Refer to [API documentation](https://www.alibabacloud.com/help/en/sls/developer-reference/api-sls-2020-12-30-endpoint) for more information. The connector provides the ability to get VPC Flow Logs, WAF Logs, and API Gateway Logs from Alibaba Cloud.
+
+**Log Analytics table(s):**  
+
+|Table|DCR support|Lake-only ingestion|
+|---|---|---|
+|`AlibabaCloudVPCFlowLogs`|No|No|
+
+**Data collection rule support:** Not currently supported
+
+**Prerequisites:**
+
+- **Alibaba Cloud SLS API access**: **Alibaba Cloud Simple Log Service** access is required for the SLS API.<br><br>
+</details> 
+
+ ---
+   
 <a name="alicloud-using-azure-functions"></a><details><summary>**AliCloud (using Azure Functions)**</summary>
 
 **Supported by:** [Microsoft Corporation](https://support.microsoft.com/)
@@ -179,6 +217,27 @@ This data connector enables the integration of AWS CloudFront logs with Microsof
 
  ---
    
+<a name="amazon-web-services-elastic-load-balancing-via-codeless-connector-framework"></a><details><summary>**Amazon Web Services Elastic Load Balancing (via Codeless Connector Framework)**</summary>
+
+**Supported by:** [Microsoft Corporation](https://support.microsoft.com/)
+
+The AWS Elastic Load Balancing (ELB) connector for Microsoft Sentinel allows you to ingest access logs and flow logs from AWS Application Load Balancers (ALB), Network Load Balancers (NLB), and Gateway Load Balancers (GLB) into Microsoft Sentinel. These logs provide detailed information about requests processed by your load balancers and VPC traffic flows, enabling security monitoring, threat detection, and traffic analysis.
+
+**Log Analytics table(s):**  
+
+|Table|DCR support|Lake-only ingestion|
+|---|---|---|
+|`AWSALBAccessLogsData`|No|No|
+
+**Data collection rule support:** Not currently supported
+
+**Prerequisites:**
+
+- **AWS IAM Role ARN and SQS Queue**: An **AWS IAM Role ARN** with cross-account access and an **SQS Queue URL** configured for S3 event notifications are required. See [AWS ELB connector documentation](/azure/sentinel/connect-aws) for setup instructions.<br><br>
+</details> 
+
+ ---
+   
 <a name="amazon-web-services-networkfirewall-via-codeless-connector-framework"></a><details><summary>**Amazon Web Services NetworkFirewall (via Codeless Connector Framework)**</summary>
 
 **Supported by:** [Microsoft Corporation](https://support.microsoft.com/)
@@ -965,38 +1024,6 @@ The [Bitglass](https://www.forcepoint.com/bitglass) data connector provides the
 
  ---
    
-<a name="bitsight-data-connector-using-azure-functions"></a><details><summary>**Bitsight data connector (using Azure Functions)**</summary>
-
-**Supported by:** [BitSight Support](https://help.bitsight.com/)
-
-The [BitSight](https://www.BitSight.com/) Data Connector supports evidence-based cyber risk monitoring by bringing BitSight data in Microsoft Sentinel.
-
-**Log Analytics table(s):**  
-
-|Table|DCR support|Lake-only ingestion|
-|---|---|---|
-|`BitsightAlerts_data_CL`|Yes|Yes|
-|`BitsightBreaches_data_CL`|Yes|Yes|
-|`BitsightCompany_details_CL`|Yes|Yes|
-|`BitsightCompany_rating_details_CL`|Yes|Yes|
-|`BitsightDiligence_historical_statistics_CL`|Yes|Yes|
-|`BitsightDiligence_statistics_CL`|Yes|Yes|
-|`BitsightFindings_data_CL`|Yes|Yes|
-|`BitsightFindings_summary_CL`|Yes|Yes|
-|`BitsightGraph_data_CL`|Yes|Yes|
-|`BitsightIndustrial_statistics_CL`|Yes|Yes|
-|`BitsightObservation_statistics_CL`|Yes|Yes|
-
-**Data collection rule support:** [Workspace transform DCR](/azure/azure-monitor/logs/tutorial-workspace-transformations-portal)
-
-**Prerequisites:**
-
-- **Microsoft.Web/sites permissions**: Read and write permissions to Azure Functions to create a Function App is required. For more information, see [Azure Functions](/azure/azure-functions/).
-- **REST API Credentials/permissions**: BitSight API Token is required.  See the documentation to [learn more](https://help.bitsighttech.com/hc/en-us/articles/115014888388-API-Token-Management) about API Token.<br><br>
-</details> 
-
- ---
-   
 <a name="bitwarden-event-logs"></a><details><summary>**Bitwarden Event Logs**</summary>
 
 **Supported by:** [Bitwarden Inc](https://bitwarden.com/contact/)
@@ -3213,6 +3240,23 @@ The [Imperva Cloud WAF](https://www.imperva.com/resources/resource-library/datas
 
  ---
    
+<a name="imperva-cloud-waf-via-codeless-connector-framework"></a><details><summary>**Imperva Cloud WAF (via Codeless Connector Framework)**</summary>
+
+**Supported by:** [Microsoft Corporation](https://support.microsoft.com/)
+
+The Imperva WAF Cloud data connector provides the capability to ingest logs into Microsoft Sentinel using the Imperva Log Integration via AWS S3 with SQS notifications. The connector parses CEF-formatted WAF events including access logs and security alerts for threat detection and investigation.Refer to [Imperva WAF Cloud Log Integration](https://docs.imperva.com/bundle/cloud-application-security/page/settings/log-integration.htm) for more information.
+
+**Log Analytics table(s):**  
+
+|Table|DCR support|Lake-only ingestion|
+|---|---|---|
+|`ImpervaWAFCloud`|No|No|
+
+**Data collection rule support:** Not currently supported<br><br>
+</details> 
+
+ ---
+   
 <a name="infoblox-cloud-data-connector-via-ama"></a><details><summary>**Infoblox Cloud Data Connector via AMA**</summary>
 
 **Supported by:** [Infoblox](https://support.infoblox.com/)
@@ -4072,7 +4116,7 @@ These alerts can be imported into Microsoft Sentinel with this connector, allowi
 
 **Supported by:** [Microsoft](https://support.microsoft.com/)
 
-The Microsoft Copilot logs connector in Microsoft Sentinel enables the seamless ingestion of Copilot-generated activity logs into Microsoft Sentinel for advanced threat detection, investigation, and response. It collects telemetry from Microsoft Copilot services - such as usage data, prompts and system responses - and ingests into Microsoft Sentinel, allowing security teams to monitor for misuse, detect anomalies, and maintain compliance with organizational policies.
+The Microsoft Copilot logs connector in Microsoft Sentinel enables seamless ingestion of Copilot-generated activity logs from M365 Copilot and Security Copilot into Microsoft Sentinel for advanced threat detection, investigation and response. It collects telemetry from Microsoft Copilot services such as usage data and system responses and ingests into Microsoft Sentinel, allowing security teams to monitor for misuse, detect anomalies, and maintain compliance with organizational policies.
 
 **Log Analytics table(s):**  
 
@@ -6572,7 +6616,7 @@ The [Varonis Purview](https://www.varonis.com/) connector provides the capabilit
 
 |Table|DCR support|Lake-only ingestion|
 |---|---|---|
-|`varonisresources_CL`|No|No|
+|`VaronisResources_CL`|No|No|
 
 **Data collection rule support:** Not currently supported
 
@@ -7071,12 +7115,12 @@ The [Zero Networks Segment](https://zeronetworks.com/) push connector allows Zer
 
 |Table|DCR support|Lake-only ingestion|
 |---|---|---|
-|`ZNAudit_CL`|No|No|
-|`ZNNetworkActivity_CL`|No|No|
-|`ZNIdentityActivity_CL`|No|No|
-|`ZNRPCActivity_CL`|No|No|
+|`ZNAudit_CL`|Yes|Yes|
+|`ZNNetworkActivity_CL`|Yes|Yes|
+|`ZNIdentityActivity_CL`|Yes|Yes|
+|`ZNRPCActivity_CL`|Yes|Yes|
 
-**Data collection rule support:** Not currently supported
+**Data collection rule support:** [Workspace transform DCR](/azure/azure-monitor/logs/tutorial-workspace-transformations-portal)
 
 **Prerequisites:**
 
@@ -7096,9 +7140,9 @@ The [Zero Networks Segment](https://zeronetworks.com/) Audit data connector prov
 
 |Table|DCR support|Lake-only ingestion|
 |---|---|---|
-|`ZNSegmentAuditNativePoller_CL`|No|No|
+|`ZNSegmentAuditNativePoller_CL`|Yes|Yes|
 
-**Data collection rule support:** Not currently supported
+**Data collection rule support:** [Workspace transform DCR](/azure/azure-monitor/logs/tutorial-workspace-transformations-portal)
 
 **Prerequisites:**
 
diff --git a/articles/sentinel/includes/sentinel-tables-connectors.md b/articles/sentinel/includes/sentinel-tables-connectors.md
@@ -2,7 +2,7 @@
 author: EdB-MSFT
 ms.author: edbaynash
 ms.topic: include
-ms.date: 03/30/2026    
+ms.date: 04/06/2026    
 # This file is auto-generated. Do not edit manually. Changes will be overwritten.
 ---
 
@@ -35,6 +35,7 @@ ms.date: 03/30/2026
 |alertsremediationdata_CL|[Netskope Data Connector](/azure/sentinel/data-connectors-reference#netskope-data-connector)|No|No|
 |alertssecurityassessmentdata_CL|[Netskope Data Connector](/azure/sentinel/data-connectors-reference#netskope-data-connector)|No|No|
 |alertsubadata_CL|[Netskope Data Connector](/azure/sentinel/data-connectors-reference#netskope-data-connector)|No|No|
+|AlibabaCloudVPCFlowLogs|[Alibaba Cloud Networking Data Connector (via Codeless Connector Framework)](/azure/sentinel/data-connectors-reference#alibaba-cloud-networking-data-connector-via-codeless-connector-framework)|No|No|
 |AliCloud_CL|[AliCloud (using Azure Functions)](/azure/sentinel/data-connectors-reference#alicloud-using-azure-functions)|No|No|
 |AliCloudActionTrailLogs_CL|[Alibaba Cloud ActionTrail (via Codeless Connector Framework)](/azure/sentinel/data-connectors-reference#alibaba-cloud-actiontrail-via-codeless-connector-framework)|Yes|Yes|
 |Anvilogic_Alerts_CL|[Anvilogic](/azure/sentinel/data-connectors-reference#anvilogic)|No|No|
@@ -57,6 +58,7 @@ ms.date: 03/30/2026
 |Awareness_SafeScore_Details_CL|[Mimecast Awareness Training](/azure/sentinel/data-connectors-reference#mimecast-awareness-training)|Yes|Yes|
 |Awareness_User_Data_CL|[Mimecast Awareness Training](/azure/sentinel/data-connectors-reference#mimecast-awareness-training)|Yes|Yes|
 |Awareness_Watchlist_Details_CL|[Mimecast Awareness Training](/azure/sentinel/data-connectors-reference#mimecast-awareness-training)|Yes|Yes|
+|AWSALBAccessLogsData|[Amazon Web Services Elastic Load Balancing (via Codeless Connector Framework)](/azure/sentinel/data-connectors-reference#amazon-web-services-elastic-load-balancing-via-codeless-connector-framework)|No|No|
 |AWSCloudFront_AccessLog_CL|[Amazon Web Services CloudFront (via Codeless Connector Framework) (Preview)](/azure/sentinel/data-connectors-reference#amazon-web-services-cloudfront-via-codeless-connector-framework-preview)|Yes|Yes|
 |[AWSCloudTrail](/azure/azure-monitor/reference/tables/AWSCloudTrail)|[Amazon Web Services S3](/azure/sentinel/data-connectors-reference#amazon-web-services-s3)<br>[Amazon Web Services](/azure/sentinel/data-connectors-reference#amazon-web-services)|Yes|Yes|
 |[AWSCloudWatch](/azure/azure-monitor/reference/tables/AWSCloudWatch)|[Amazon Web Services S3](/azure/sentinel/data-connectors-reference#amazon-web-services-s3)|Yes|Yes|
@@ -88,17 +90,6 @@ ms.date: 03/30/2026
 |BeyondTrustPM_ClientEvents_CL|[BeyondTrust PM Cloud](/azure/sentinel/data-connectors-reference#beyondtrust-pm-cloud)|Yes|Yes|
 |BigIDDSPMCatalog_CL|[BigID DSPM connector](/azure/sentinel/data-connectors-reference#bigid-dspm-connector)|Yes|Yes|
 |BitglassLogs_CL|[Bitglass (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitglass-using-azure-functions)|No|No|
-|BitsightAlerts_data_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightBreaches_data_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightCompany_details_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightCompany_rating_details_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightDiligence_historical_statistics_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightDiligence_statistics_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightFindings_data_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightFindings_summary_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightGraph_data_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightIndustrial_statistics_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
-|BitsightObservation_statistics_CL|[Bitsight data connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#bitsight-data-connector-using-azure-functions)|Yes|Yes|
 |BitwardenEventLogs|[Bitwarden Event Logs](/azure/sentinel/data-connectors-reference#bitwarden-event-logs)|No|No|
 |BoxEvents_CL|[Box (using Azure Functions)](/azure/sentinel/data-connectors-reference#box-using-azure-functions)|No|No|
 |BoxEventsV2_CL|[Box Events (CCP)](/azure/sentinel/data-connectors-reference#box-events-ccp)|Yes|Yes|
@@ -294,6 +285,7 @@ ms.date: 03/30/2026
 |Illumio_Flow_Events_CL|[Illumio SaaS (using Azure Functions)](/azure/sentinel/data-connectors-reference#illumio-saas-using-azure-functions)|Yes|Yes|
 |IllumioInsightsSummary_CL|[Illumio Insights Summary](/azure/sentinel/data-connectors-reference#illumio-insights-summary)|No|No|
 |[IlumioInsights](/azure/azure-monitor/reference/tables/IlumioInsights)|[Illumio Insights](/azure/sentinel/data-connectors-reference#illumio-insights)|Yes|Yes|
+|ImpervaWAFCloud|[Imperva Cloud WAF (via Codeless Connector Framework)](/azure/sentinel/data-connectors-reference#imperva-cloud-waf-via-codeless-connector-framework)|No|No|
 |ImpervaWAFCloud_CL|[Imperva Cloud WAF (using Azure Functions)](/azure/sentinel/data-connectors-reference#imperva-cloud-waf-using-azure-functions)|Yes|Yes|
 |Infoblox_Failed_Indicators_CL|[Infoblox Data Connector via REST API](/azure/sentinel/data-connectors-reference#infoblox-data-connector-via-rest-api)|No|No|
 |InfobloxInsight_CL|[Infoblox SOC Insight Data Connector via REST API](/azure/sentinel/data-connectors-reference#infoblox-soc-insight-data-connector-via-rest-api)|No|No|
@@ -487,7 +479,7 @@ ms.date: 03/30/2026
 |union isfuzzy=true (WizVulnerabilities_CL),(WizVulnerabilitiesV2_CL)|[Wiz (using Azure Functions)](/azure/sentinel/data-connectors-reference#wiz-using-azure-functions)|No|No|
 |ValenceAlert_CL|[SaaS Security](/azure/sentinel/data-connectors-reference#saas-security)|No|No|
 |VaronisAlerts_CL|[Varonis SaaS](/azure/sentinel/data-connectors-reference#varonis-saas)|No|No|
-|varonisresources_CL|[Varonis Purview Push Connector](/azure/sentinel/data-connectors-reference#varonis-purview-push-connector)|No|No|
+|VaronisResources_CL|[Varonis Purview Push Connector](/azure/sentinel/data-connectors-reference#varonis-purview-push-connector)|No|No|
 |vcenter_CL|[Custom logs via AMA](/azure/sentinel/data-connectors-reference#custom-logs-via-ama)|Yes|Yes|
 |VectraStream_CL|[Custom logs via AMA](/azure/sentinel/data-connectors-reference#custom-logs-via-ama)|No|No|
 |VeeamAuthorizationEvents_CL|[Veeam Data Connector (using Azure Functions)](/azure/sentinel/data-connectors-reference#veeam-data-connector-using-azure-functions)|Yes|Yes|
@@ -528,11 +520,11 @@ ms.date: 03/30/2026
 |ZeroFox_CTI_vulnerabilities_CL|[ZeroFox CTI](/azure/sentinel/data-connectors-reference#zerofox-cti)|No|No|
 |ZeroFoxAlertPoller_CL|[ZeroFox Enterprise - Alerts (Polling CCF)](/azure/sentinel/data-connectors-reference#zerofox-enterprise---alerts-polling-ccf)|Yes|Yes|
 |ZimperiumThreatLog_CL|[Zimperium Mobile Threat Defense](/azure/sentinel/data-connectors-reference#zimperium-mobile-threat-defense)|No|No|
-|ZNAudit_CL|[Zero Networks Segment (Push)](/azure/sentinel/data-connectors-reference#zero-networks-segment-push)|No|No|
-|ZNIdentityActivity_CL|[Zero Networks Segment (Push)](/azure/sentinel/data-connectors-reference#zero-networks-segment-push)|No|No|
-|ZNNetworkActivity_CL|[Zero Networks Segment (Push)](/azure/sentinel/data-connectors-reference#zero-networks-segment-push)|No|No|
-|ZNRPCActivity_CL|[Zero Networks Segment (Push)](/azure/sentinel/data-connectors-reference#zero-networks-segment-push)|No|No|
-|ZNSegmentAuditNativePoller_CL|[Zero Networks Segment Audit](/azure/sentinel/data-connectors-reference#zero-networks-segment-audit)|No|No|
+|ZNAudit_CL|[Zero Networks Segment (Push)](/azure/sentinel/data-connectors-reference#zero-networks-segment-push)|Yes|Yes|
+|ZNIdentityActivity_CL|[Zero Networks Segment (Push)](/azure/sentinel/data-connectors-reference#zero-networks-segment-push)|Yes|Yes|
+|ZNNetworkActivity_CL|[Zero Networks Segment (Push)](/azure/sentinel/data-connectors-reference#zero-networks-segment-push)|Yes|Yes|
+|ZNRPCActivity_CL|[Zero Networks Segment (Push)](/azure/sentinel/data-connectors-reference#zero-networks-segment-push)|Yes|Yes|
+|ZNSegmentAuditNativePoller_CL|[Zero Networks Segment Audit](/azure/sentinel/data-connectors-reference#zero-networks-segment-audit)|Yes|Yes|
 |Zoom_CL|[Zoom Reports (using Azure Functions)](/azure/sentinel/data-connectors-reference#zoom-reports-using-azure-functions)|Yes|Yes|
 |ZoomV2_CL|[Zoom Reports Connector (via Codeless Connector Framework)](/azure/sentinel/data-connectors-reference#zoom-reports-connector-via-codeless-connector-framework)|No|No|
 |ZPA_CL|[Custom logs via AMA](/azure/sentinel/data-connectors-reference#custom-logs-via-ama)|Yes|Yes|
