# Microsoft Sentinel Sink Configuration Guide This guide walks you through configuring Microsoft Sentinel (via Azure Monitor Logs) as a Sink provider with Synqly using the Synqly CCF Push connector from the Microsoft Sentinel Content Hub. ## Prerequisites - A Microsoft Sentinel workspace - **Application Developer** role (or higher) in Microsoft Entra ID — to create an app registration - **Owner** or **User Access Administrator** on the Azure subscription — to assign the Monitoring Metrics Publisher role on the Data Collection Rule ## Step 1: Install and Deploy the CCF Push Connector The Synqly Integration solution is published in the [Microsoft Sentinel Content Hub](https://portal.azure.com) as a CCF Push connector. Deploying it automatically provisions the Entra application, Data Collection Rule, Data Collection Endpoint, and role assignments in a single step. **Install the solution:** 1. In the Azure portal, navigate to your **Microsoft Sentinel** workspace 2. Go to **Content Hub** 3. Search for **Synqly Integration** 4. Select the solution and click **Install** Alternatively, find the solution directly in the [Azure Marketplace](https://marketplace.microsoft.com/en-us/product/saas/synqlyinc1759267074521.azure-sentinel-solution-synqly-integration). **Deploy the connector:** 1. After installation, go to **Configuration** → **Data connectors** 2. Search for and select the Synqly connector 3. Click **Open connector page** 4. Click the **Deploy** button The deployment automatically creates: - A Microsoft Entra application with credentials - A Data Collection Rule (DCR) and Data Collection Endpoint (DCE) - Required role assignments (Monitoring Metrics Publisher) **Collect the connection details:** After deployment completes, the connector page displays the following values. Copy each one — you will need them to configure the integration: - **Tenant ID** - **Application (Client) ID** - **Client Secret** - **Data Collection Endpoint URI** (this is the Collection URL) - **Data Collection Rule Immutable ID** (this is the Rule ID) - **Stream Name** ## Step 2: Configure the Integration Create your integration by supplying the following values. **Tenant ID** The Directory (tenant) ID from the CCF Push connector deployment (Step 1). **Client ID** The Application (client) ID from the CCF Push connector deployment (Step 1). **Credential Secret** The client secret value from the CCF Push connector deployment (Step 1). **URL** The Data Collection Endpoint URI from the CCF Push connector deployment (Step 1). **Rule ID** The Data Collection Rule Immutable ID from the CCF Push connector deployment (Step 1). **Stream Name** The Stream Name from the CCF Push connector deployment (Step 1).