Feedly Connector: Critical Migration from Deprecated API Prevents Complete Data Loss

What Changed

Migration of Feedly threat intelligence connector from the legacy HTTP Data Collector API to the modern Logs Ingestion API with DCR-based ingestion. This is a required infrastructure migration due to the deprecation of the HTTP Data Collector.

Security Impact (Visibility & Fidelity)

Deployments running the prior version will face complete ingestion failure when Microsoft discontinues the HTTP Data Collector API. Without this migration, organisations would lose all visibility into Feedly threat intelligence feeds — a critical gap for IOC correlation against web sessions, DNS queries, and file hashes.

The new implementation introduces DCR-based transformation and authentication via Azure AD service principals, replacing workspace keys with more secure credential management.

Affected Files

Solutions/Feedly/Data Connectors/FeedlySentinelConnector/sentinel_api.py
Solutions/Feedly/Data Connectors/FeedlySentinelConnector/config.py
Solutions/Feedly/Data Connectors/FeedlySentinelConnector/worker.py
Solutions/Feedly/Data Connectors/azuredeploy_Connector_Feedly_AzureFunction.json
Solutions/Feedly/Data Connectors/Feedly_API_AzureFunctionApp.json
(packaging artefacts: FeedlySentinelConnector.zip, requirements.txt, mainTemplate.json)

What Changed#

Security Impact (Visibility & Fidelity)#

Affected Files#

What Changed

Security Impact (Visibility & Fidelity)

Affected Files