If you're having trouble at any stage please contact us at support@skyformation.com. 

Preface

The goal of this guide is to add a new SkyFormation's Azure Cloud App Connector to your SkyFormation Platform.

Prerequisites

- Create Azure app for the SkyFormation app integration.
  To complete please follow the steps detailed at :Create Azure AD Application for the SkyFormation Azure Connector

Starting from release 2.4.108, 2 authentication methods are available:
     1) oauth2
     2) certificate

For oauth2, you need to provide: client-id and client-secret.
For certificate, you need to provide: client-id, private key and certificate.  

- Have the following information available:

  * Azure tenant ID 
  * Client ID (of the SkyFormation app created in Azure)

   * Secret ID (of the SkyFormation app created in Azure) -only if you chose oauth2 authentication

   * Certificate - only if you chose certificate authentication
   * Private key - only if you chose certificate authentication

Domains and URLs to be Approachable from SkyFormation Machine

• Cloud - Azure AD (global service)
  • https://graph.microsoft.com 
  • http://go.microsoft.com
  • https://*.core.windows.net
  • https://management.azure.com
  • https://management.core.windows.net:8443
  • https://*.database.windows.net
  • https://gallery.azure.com
  • https://login.microsoftonline.com
  • https://graph.windows.net
  • https://datalake.azure.net
  • https://*.vault.azure.net
  • https://*.azuredatalakestore.net
  • https://*.azuredatalakeanalytics.net
  • https://api.loganalytics.io
  • https://api.applicationinsights.io
• Cloud - Azure AD China operated by 21Vianet
  • https://microsoftgraph.chinacloudapi.cn
  • http://go.microsoft.com
  • https://management.chinacloudapi.cn
  • https://management.core.chinacloudapi.cn:8443
  • https://*.database.chinacloudapi.cn
  • https://gallery.chinacloudapi.cn
  • https://login.chinacloudapi.cn
  • https://graph.chinacloudapi.cn
  • https://*.core.chinacloudapi.cn
  • https://*.vault.azure.cn
• Cloud - Azure AD Germany
  • https://graph.microsoft.de 
  • http://portal.microsoftazure.de
  • https://manage.microsoftazure.de
  • https://*.core.cloudapi.de
  • https://management.core.cloudapi.de:8443
  • https://*.database.cloudapi.de
  • https://gallery.cloudapi.de
  • https://login.microsoftonline.de
  • https://graph.cloudapi.de
  • https://*.vault.microsoftazure.de
• Cloud - Azure AD for US Government
  • https://graph.microsoft.us
  • https://manage.windowsazure.us
  • https://*.core.usgovcloudapi.net
  • https://management.usgovcloudapi.net
  • https://management.core.usgovcloudapi.net:8443
  • https://graph.windows.net
  • https://*.vault.usgovcloudapi.net
  • https://api.loganalytics.us

Steps

1. Logon to your SkyFormation Platform:

2. Navigate via left navigation panel to "Settings" section

3. Navigate via New Settings left navigation panel to "Accounts" section

4. Click the "Add Account" bottom

5. At the "SELECT SERVICE TO ADD" choose "Azure Microsoft" 

You will see the below screen:

5. Fill in the following information:

    - Account Name
      Give this Azure connector a meaningful name for you. This will become your cloud app
      connector name displayed in the application and the events sent to external systems
      as SIEM/Log management system.

      e.g. "Corp Azure staging cloud"     

    - Description

      Add and text that describe the cloud app connector.

      e.g. "This is our corporate Azure cloud environment for staging"

    - Authentication Method

      Starting from release 2.4.108, can be either oauth2 or certificate

    - Client-id

       The SkyFormation app generated client ID in the prerequisites

       e.g. 4e11ab22-6d1c-5077-9d73-f7776d3851e8

    - Client-Secret

       The SkyFormation app generated client secret in the prerequisites. Required only if your                         authentication method is "oauth2".

       e.g. W17FnTeyRWUasdTGBdVeB+A3kASDaYUH0lre+MzuxRT=

    - Certificate

       The content of the certificate file from the prerequisites section. Required only if your                            authentication method is "certificate".

       e.g:

-----BEGIN CERTIFICATE-----
*****************
*****************
*****************
.....
-----END CERTIFICATE-----

   - Private Key

      The content of the private file from the prerequisites section. Required only if your                                  authentication method is "certificate".      

      e.g:

-----BEGIN PRIVATE KEY-----
**************
**************
**************
.....
-----END PRIVATE KEY-----

   - Tenant-id

       The Azure tenant id you got at the prerequisites

       e.g. 3d70c501-bb21-1122-9330-c4a25e252086

    - Cloud (support Azure National Clouds)

      WARNING: This field should only be changed from its default "Azure AD (global service)"
      if your Azure is one of the Azure National Clouds :
      () China               () Germany             () US Government. 

      To set your Azure National cloud in use please choose the one from the dropdown list:

6. Click "SAVE" bottom

7. Make sure the status of the new Azure connector "STATUS" in the table is OK and green.

Optional 

8. To add an EventHub endpoint to your Azure connector please follow the steps described at:
    How to Configure Azure EventHub endpoint in an existing Azure connector

DONE

Next Steps

Now you are ready to add a configure the events that would be sent to your SIEM/Splunk and the SkyFormation console for the just added SkyFormation Azure connector.

To learn more go to: How to: Configure A Cloud App Connector To Send Events To SIEM