Identified - We are in the process of releasing a new version that resolves this issue. This version is currently pending Microsoft approval.
In the meantime, you can manually upgrade the WithSecure Elements API connector for Microsoft Sentinel (deployed from Azure Marketplace) by following these steps:
Login to Azure CLI az login Download the Fixed Version of the Connector App from: https://github.com/WithSecureOpenSource/elements-api/releases/download/1.0.1/connector.zip Run the Function App Deployment (Modify the MyResourceGroupName and MyFunctionAppName as needed): az functionapp deployment source config-zip --resource-group MyResourceGroupName --name MyFunctionAppName --src ./connector.zip
May 12, 2025 - 12:24 UTC
Investigating - We are currently investigating an issue where the Microsoft Sentinel connector is not receiving security event data from WithSecure Elements. Affected are all customers using the Sentinel connector.
May 08, 2025 - 11:27 UTC
Resolved -
We have found the root cause of the issue and a fix was done in production.
However a refresh of permissions for sharepoint is required for Elements collaboration protection.
The refresh can be completed with the following steps:
1: Logging in to the Elements security Center 2: Navigating to the Collaboration Protection section 3: Select Cloud Services from the left hand menu 4: From the Cloud Services pages select the Tenant an action menu will become visible and select "Refresh permissions to Sharepoint" a new permission consent will be requested, including all the necessary permissions
This must be completed by all Elements Collaboration Protection users to maintain Sharepoint and Teams coverage.
May 13, 14:55 UTC
Investigating -
We are investigating an issue with WithSecure Elements Collaboration Protection. When a cloud connection is newly established or refreshed, despite the UI showing "connected", there will be no SharePoint sites or Teams Channel listed as protected.
The Exchange functionality and One Drive are working as expected. We are working on resolving the issue.
May 13, 11:35 UTC
May 12, 2025
Unresolved incident: Microsoft Sentinel connector is not receiving security event data from WithSecure Elements.