Veeam App for Microsoft Sentinel 1
User Guide
Search

About Veeam App for Microsoft Sentinel

Veeam App for Microsoft Sentinel is a Microsoft Azure app that allows you to monitor backup jobs and various security activities in your Veeam Data Platform environment:

  • Veeam Backup & Replication events
  • Alarms triggered by Veeam ONE
  • Security findings provided by Coveware Recon Scanner. For more information, see Recon Scanner User Guide.

The app gets information from Veeam REST APIs, Coveware Recon Scanner, and syslog servers integrated with Veeam Backup & Replication and Veeam ONE servers. The data is displayed on the built-in dashboards.

Built-in analytics rules allows you to automatically create an incident for various security activities with specific severity levels. You can manage incidents and run on specific incident types built-in Veeam playbooks through the Microsoft Defender portal.

The app includes:

  • Veeam Backup & Replication REST API integration:
    • Multiple Veeam Backup & Replication servers support
    • Built-in playbooks to automate specific operations:
      • Find clear restore points
      • Run a Scan Backup session
      • Run a configuration backup session
      • Run a Quick Backup session
      • Run an Instance VM Recovery session
  • Veeam ONE REST API integration:
    • Multiple Veeam ONE servers support
    • Built-in playbook for resolving triggered alarms
  • Recon Scanner integration including multiple servers support
  • Syslog integration
  • Configuration playbook
  • Data collection playbooks
  • Dashboards to monitor job statuses and security activities on a daily basis
  • Templates for analytics rules
View all results across Veeam Help Center
Back to document search