Blog Post

Microsoft Sentinel Blog

4 MIN READ

Best Practices for Common Event Format (CEF) collection in Azure Sentinel

Microsoft

Nov 19, 2019

By Nicholas DiCola & Cristhofer Romeo Munoz What is CEF collection? Most network and security systems support either Syslog or CEF (which stands for Common Event Format) over Syslog as me...

Updated Nov 03, 2021

Version 9.0

Microsoft

Joined October 17, 2017

View Profile

Microsoft Sentinel Blog

Microsoft Sentinel is a cloud-native SIEM, enriched with AI and automation to provide expansive visibility across your digital environment.

Prashant800

Copper Contributor

Oct 26, 2022

Hello All

We are planning to deploy the CEF log forwarder for hybrid environment

We have on prem firewall & proxy solution as well as the azure firewalls (Palo alto firewall)

What is the best cases to deploy the cef log forwarder considering the DR situation for server

Thanks