Connect data through Azure Storage

Prev Next

📘Note

  1. This method is currently available for NSG Flow logs only.

  2. This integration will skip all blobs with type != block.

Gather information from your Azure Storage account

  1. Open your Azure Storage account and navigate to Security + networking > Access keys from the side menu.

  2. Locate the Connection string and click Show.

  3. Now click the copy icon () to copy the string to your clipboard, and paste it in a notepad.
    It should look like this:

    DefaultEndpointsProtocol=https;AccountName=mdatplogs;AccountKey=+fekjh4598gkjdgkj45hglkj4h5gJ4coQE/MqAl6HFyFZ==;EndpointSuffix=core.windows.net
  4. From this string, locate the values of the following items:

    1. Default endpoint protocol (can be either http or https)

    2. Account name

    3. Account key

    4. Endpoint suffix


    In our example, we extract the following values:

    Default endpoint protocol: https
    Account name: mdatplogs
    Account key: +fekjh4598gkjdgkj45hglkj4h5gJ4coQE/MqAl6HFyFZ==
    Endpoint suffix: core.windows.net

  5. Navigate to Storage browser > Blob containers and locate the name of the container you want to connect to Hunters.

Set up the connection on Hunters

  1. On Hunters, navigate to Data > Data Sources.

  2. Click + Connect Data Sources.

  3. From the integration tiles, locate the product you want to connect.

  4. After reading the guide, click Connect from the product tile to start the connection process. If the product is already connected, click Edit Connection.

  5. From the left-side menu, click + More Integrations > Azure Block Storage List.

  6. Fill in the fields with the information you acquired previously:

    From the connection string:

    1. Default endpoint protocol

    2. Account name

    3. Account key

    4. Endpoint suffix


    From the storage browser:

    1. Container name

  7. In the Prefix field, enter the path to the files you want to include. For efficiency, add a date partition, using a format like /{YYYY}/{MM}/{DD} or /y={YYYY}/m={MM}/d={DD}. You can use * as a wildcard to match any character.

    When using a date partition, you must specify all subdirectory levels before adding the date. For example: my/static/prefix/{YYYY}/{MM}/{DD}/ *

  8. Click Test Connection to make sure you supplied the correct information.

  9. Once the connection is established, click Apply.