https://github.com/hazcod/miro2sentinel
Log ingestor that retrieves audit logs from Miro and stores them in Microsoft Sentinel SIEM
- Host: GitHub
- URL: https://github.com/hazcod/miro2sentinel
- Owner: hazcod
- Created: 2024-08-28T05:58:05.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2025-04-15T00:20:32.000Z (about 1 year ago)
- Last Synced: 2025-04-15T14:19:20.182Z (about 1 year ago)
- Topics: miro, sentinel, siem
- Language: Go
- Homepage:
- Size: 80.1 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 5
Metadata Files:
- Readme: README.md
README
# miro2sentinel
A Go program that exports Miro audit logs to Microsoft Sentinel SIEM.
Two tables are used; `MiroAuditLogs`.
## Running
First create a yaml file, such as `config.yml`:
```yaml
log:
  level: INFO
microsoft:
  app_id: ""
  secret_key: ""
  tenant_id: ""
  subscription_id: ""
  resource_group: ""
  workspace_name: ""
  retention_days: 90
  dcr:
    endpoint: ""
    rule_id: ""
    stream_name: ""
  expires_months: 6
miro:
  lookback_days: 7
  access_token: "" # non-expiring Miro access token
```
And now run the program from source code:
```shell
% make
go run ./cmd/... -config=dev.yml
INFO[0000] shipping logs module=sentinel_logs table_name=MiroAuditLogs total=82
INFO[0002] shipped logs module=sentinel_logs table_name=MiroAuditLogs
INFO[0002] successfully sent logs to sentinel total=82
```
Or run the binary:
```shell
% miro2sen -config=config.yml
```
## Building
```shell
% make build
```