Azure Blob Streaming Configuration

This document describes how to configure an Azure Blob connection with real-time events monitoring and data streaming.

To enable Real Time Events Monitoring (Streaming) for an existing Azure Blob scan, follow these steps.

Prerequisites

Existing Azure Blob connection: An Azure Blob scan configuration must already exist.

If you have not created an Azure Blob scan yet, follow the Azure Blob scan guide and ensure the necessary credentials are set up.

Select an Existing Scan Configuration

  1. Go to the Scan configurations page in the product UI.
  2. Find your existing Azure Blob scan configuration and select Edit Configuration from the options menu.

Enable Data Streaming

  1. Within the Edit Azure Blob Scan Configuration page, toggle Data Streaming to ON.
  2. Copy the Webhook URL provided, as you will use it later in the Azure Portal.

Configure Azure Event Grid Subscription

  1. Navigate to Azure Portal and open your Storage Account.

  2. Select one of the connectors from the Storage Accounts.

  3. In the left-hand menu, select Events and click Create Event Subscription.

  4. In the Create Event Subscription window, fill in the details:

    1. Give it a Name.
    2. Select endpoint type Web Hook.
    3. Select Configure an endpoint.
    4. Paste the Webhook URL copied in step 2 of Enable Data Streaming into Subscriber endpoint and confirm the selection.
  5. Go to the Filters menu at the top.

  6. In the Subject Filters section, enter the correct path format for your subscription:
    • Use the following pattern: /blobServices/default/containers/{connectionDetails.ContainerName}/blobs/{connectionDetails.FolderPath}
    • For example, if the container is mycontainer and the folder path is accuracy test/repository1, the path will look like:
      /blobServices/default/containers/mycontainer/blobs/accuracy test/repository1

      Make sure to replace {connectionDetails.ContainerName} and {connectionDetails.FolderPath} with the actual container name and folder path from your scan configuration.

  7. Click Create to complete the Event Subscription setup.
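
The following is an added example, not part of the product or its documentation: it fills the subject pattern from step 6 and checks which blob event subjects a literal prefix filter would let through. The function names and sample subjects are constructed for illustration, and the case-insensitive default mirrors Event Grid's default subject comparison.

```python
import re

SUBJECT_TEMPLATE = "/blobServices/default/containers/{container}/blobs/{folder}"
# Azure container naming rule: 3-63 chars, lowercase letters, digits, single hyphens.
CONTAINER_RE = re.compile(r"^(?=.{3,63}$)[a-z0-9]+(-[a-z0-9]+)*$")


def build_subject_filter(container: str, folder_path: str) -> str:
    """Fill the page's pattern with values from the scan configuration."""
    if not CONTAINER_RE.match(container):
        raise ValueError(f"not a valid container name: {container!r}")
    if "{" in folder_path or "}" in folder_path:
        raise ValueError("placeholder was not replaced in folder path")
    # Spaces stay literal, as in the page's example; only edge slashes are trimmed.
    return SUBJECT_TEMPLATE.format(container=container, folder=folder_path.strip("/"))


def subject_matches(subject_filter: str, subject: str, case_sensitive: bool = False) -> bool:
    """Literal prefix comparison, the way a 'Subject Begins With' filter is evaluated."""
    if not case_sensitive:  # Event Grid compares case-insensitively unless told otherwise
        subject_filter, subject = subject_filter.lower(), subject.lower()
    return subject.startswith(subject_filter)


def check_subjects(subject_filter: str, subjects: list[str]) -> dict[str, bool]:
    """Map each event subject to whether the filter would deliver it to the webhook."""
    return {s: subject_matches(subject_filter, s) for s in subjects}


# Constructed sample subjects, not captured from a real storage account.
SAMPLE_SUBJECTS = [
    "/blobServices/default/containers/mycontainer/blobs/accuracy test/repository1/report.docx",
    "/blobServices/default/containers/mycontainer/blobs/accuracy test/repository10/other.docx",
    "/blobServices/default/containers/mycontainer/blobs/accuracy%20test/repository1/report.docx",
    "/blobServices/default/containers/othercontainer/blobs/accuracy test/repository1/report.docx",
]

if __name__ == "__main__":
    flt = build_subject_filter("mycontainer", "accuracy test/repository1")
    print("filter:", flt)
    for subject, delivered in check_subjects(flt, SAMPLE_SUBJECTS).items():
        print("DELIVERED" if delivered else "filtered ", subject)
```

The second sample is delivered because the filter is a plain prefix: a sibling folder such as repository10 shares the prefix of repository1, so its events reach the webhook as well.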

Assign Required Azure Permissions

Ensure the following permissions are assigned to the Azure Storage Account:
  • EventGrid Data Contributor
  • EventGrid EventSubscription Contributor
  • EventGrid TopicSpaces Publisher

For details on assigning these roles, refer to the Azure Blob scan section.

Next Steps

After configuring the event subscription:
  • You may upload documents to the configured path.
  • The events triggered by these uploads will be processed by the Data Streaming setup, and the results will appear in your Forcepoint DSPM dashboard.

Troubleshooting

If you experience any issues with the configuration, ensure that:
  1. The Webhook URL is correct and matches the configuration in Azure.
  2. The required Azure permissions are correctly assigned.