Skip to main content

Cloud-delivered Advanced AnalyticsExabeam Advanced Analytics Administration Guide

Set Up Azure AD Context Enrichment

  1. Navigate to Settings > Core > Context Management > Add Context Source.

    The Context Management page opens.

  2. Click + Add Context Source.

  3. From the Source Type drop-down menu, select Microsoft Azure Active Directory.

    context-management-azure-fields.png
  4. Provide the appropriate values for the following fields:

    • Application Client ID

    • Application Client Secret

    • Tenant ID

    To generate the appropriate values for these fields, do the following:

    1. Log in to Microsoft Azure.

    2. Under Azure services, click App registrations.

      Azure-App-Registrations.png
    3. Click New registrations.

    4. In the Name field, type a name for the app.

      Azure-Register-App-Name.png
    5. Under supported account types, ensure that the following setting is selected: Accounts in this organizational directory only (Your Directory only - Single tenant).

    6. At the bottom of the page, click Register.

      The Overview page for your new app appears.

    7. Copy the Application (client) ID and paste it into the Application Client ID field in Exabeam; copy the Directory (tenant) ID and paste it into the Tenant ID field.

      Azure-Client-Tenant-IDs.png
    8. In the Manage menu, click API permissions.

      Azure-API-Permissions.png

      The API permissions page opens.

    9. Click Add a permission.

      The Request API permissions panel opens on the right.

    10. Click the Microsoft Graph box.

      Azure-Microsoft-Graph.png
    11. Click the Application permissions box.

      Azure-Application-Permissions-Box.png
    12. In the Select permissions text filter, type directory.

    13. Click the Directory drop-down arrow, and then select Directory.Read.All.

      Azure-Directory-Read-All.png
    14. At the bottom of the panel, click Add permissions.

      The panel closes and the added permission appears under Configured permissions.

    15. Click Grant admin consent for Exadev Directory, and then click Grant admin consent confirmation.

      Azure-Grant-Admin-Consent.png
    16. In the Manage menu on the left, click Certificates & secrets.

      The Certificates & secrets page opens.

    17. Click New client secret.

      Azure-New-Client-Secret.png

      The Add a client secret panel opens on the right.

    18. In the Description field, provide a description of the secret (such as what the secret is being used for).

    19. From the Expires drop-down menu, select a time frame for when you want the secret to expire.

    20. At the bottom of the panel, click Add.

      The panel closes and the added secret appears in the Client secrets list.

    21. Click the copy-to-clipboard icon for the secret Value, and then paste the value into the Application Client Secret field in Exabeam.

      Azure-Client-Secret-Copy-rev.png
  5. To test the connection with Azure AD, click Validate Connection.

    A message displays to indicate whether the connection is successful.

  6. If the connection is successful, click Save to complete the setup.

    Azure AD is added to the list of data sources on the Context Management page.

    Context-Management-AzureAD-Added.png