Skip to content

Azure Sentinel now integrates with Secret Server for better visibility and faster incidence response


Complex, dynamic organizations often have dozens of platforms to manage, each monitoring a different aspect of the security stack. Many Microsoft shops use Azure Sentinel as the single source of truth for security logging. Sentinel aggregates data from multiple security solutions and automates much of the noise away so that security teams can focus on meaningful, actionable information, rather than false positives.

IT security teams can see privileged account information in the same SIEM system they use every day

Delinea Secret Server now integrates with Azure Sentinel so that IT security teams can see information about privileged accounts in the same SIEM system they use every day for security monitoring and logging. Azure Sentinel customers can use the data connector to parse and display Secret Server Syslog messages.

The Delinea Secret Server data connector for Azure Sentinel is now live. Used together, Secret Server and Sentinel provide deep insight into privileged account usage. You can customize your Sentinel dashboard and set alerts to display and prioritize information that is most important to you.

As a result, you can increase visibility to detect threats, shorten the time it takes for incident investigation, and improve response consistency. You’ll also be better able to provide evidence to meet compliance mandates, rather than collecting evidence from multiple systems and dashboards. Ultimately, the Secret Server-Sentinel integration is designed to help you better secure privileged accounts and reduce the risk of privileged account attacks.

Ask us how to connect your Secret Server instance with Azure Sentinel.

Secret Server for Microsoft customers

The Azure Sentinel-Secret Server integration is the latest collaboration between Delinea and Microsoft. We support out-of-the-box, native integrations with Azure, AzureAD, Active Directory, PowerShell, O365, SharePoint, and SCCM. Our on-premise architecture is built on Microsoft; our cloud PAM is hosted on Azure.

Recently, we were selected to become a member of the Microsoft Intelligence Security Association (MISA), an ecosystem of independent software vendors and managed security service providers that have integrated their solutions to help customers better defend themselves against cyber threats.

We look forward to collaborating with Microsoft on new ways we can better secure our joint customers.

Azure Sentinel / Secret Server CEF Screenshot
Privileged Account Incident Response Template

Cybersecurity Incident Response Template

The faster you respond to a cyber incident, the less damage it will cause.