📘Note
This method is currently available for NSG Flow logs only.
This integration will skip all blobs with type
!=block.
Gather information from your Azure Storage account
Open your Azure Storage account and navigate to Security + networking > Access keys from the side menu.
.png?sv=2022-11-02&spr=https&st=2025-05-12T12%3A16%3A07Z&se=2025-05-12T12%3A27%3A07Z&sr=c&sp=r&sig=4ZU%2B90r4kD58cUzs%2Bc6Z43IqrDqZhe7nlmWk58LD3Dw%3D)
Locate the Connection string and click Show.
Now click the copy icon (
.png?sv=2022-11-02&spr=https&st=2025-05-12T12%3A16%3A07Z&se=2025-05-12T12%3A27%3A07Z&sr=c&sp=r&sig=4ZU%2B90r4kD58cUzs%2Bc6Z43IqrDqZhe7nlmWk58LD3Dw%3D)
) to copy the string to your clipboard, and paste it in a notepad.
It should look like this:DefaultEndpointsProtocol=https;AccountName=mdatplogs;AccountKey=+fekjh4598gkjdgkj45hglkj4h5gJ4coQE/MqAl6HFyFZ==;EndpointSuffix=core.windows.netFrom this string, locate the values of the following items:
Default endpoint protocol (can be either
httporhttps)Account name
Account key
Endpoint suffix
In our example, we extract the following values:Default endpoint protocol: https
Account name: mdatplogs
Account key: +fekjh4598gkjdgkj45hglkj4h5gJ4coQE/MqAl6HFyFZ==
Endpoint suffix: core.windows.netNavigate to Storage browser > Blob containers and locate the name of the container you want to connect to Hunters.
.png?sv=2022-11-02&spr=https&st=2025-05-12T12%3A16%3A07Z&se=2025-05-12T12%3A27%3A07Z&sr=c&sp=r&sig=4ZU%2B90r4kD58cUzs%2Bc6Z43IqrDqZhe7nlmWk58LD3Dw%3D)
Set up the connection on Hunters
On Hunters, navigate to Data > Data Sources.
.png?sv=2022-11-02&spr=https&st=2025-05-12T12%3A16%3A07Z&se=2025-05-12T12%3A27%3A07Z&sr=c&sp=r&sig=4ZU%2B90r4kD58cUzs%2Bc6Z43IqrDqZhe7nlmWk58LD3Dw%3D)
Click + Connect Data Sources.
.png?sv=2022-11-02&spr=https&st=2025-05-12T12%3A16%3A07Z&se=2025-05-12T12%3A27%3A07Z&sr=c&sp=r&sig=4ZU%2B90r4kD58cUzs%2Bc6Z43IqrDqZhe7nlmWk58LD3Dw%3D)
From the integration tiles, locate the product you want to connect.
After reading the guide, click Connect from the product tile to start the connection process. If the product is already connected, click Edit Connection.
From the left-side menu, click + More Integrations > Azure Block Storage List.
.png?sv=2022-11-02&spr=https&st=2025-05-12T12%3A16%3A07Z&se=2025-05-12T12%3A27%3A07Z&sr=c&sp=r&sig=4ZU%2B90r4kD58cUzs%2Bc6Z43IqrDqZhe7nlmWk58LD3Dw%3D)
Fill in the fields with the information you acquired previously:
From the connection string:
Default endpoint protocol
Account name
Account key
Endpoint suffix
From the storage browser:Container name
In the Prefix field, enter the path to the files you want to include. For efficiency, add a date partition, using a format like
/{YYYY}/{MM}/{DD}or/y={YYYY}/m={MM}/d={DD}. You can use*as a wildcard to match any character.When using a date partition, you must specify all subdirectory levels before adding the date. For example:
my/static/prefix/{YYYY}/{MM}/{DD}/ *Click Test Connection to make sure you supplied the correct information.
Once the connection is established, click Apply.