Forum Discussion
Deleted
Sep 27, 2017
Azure Security Monitoring
Hello everyone, I am new to Azure and currently doing security monitoring in Azure Security Center. I have a few questions that I would like to ask. Currently there are syslogs coming in from machine...
Meir_Mendelovich
Microsoft
Oct 03, 2017
Hi Shiva,
There is a new capability in Azure Security Center to turn every log query into a security alert. See documentation here: https://docs.microsoft.com/en-us/azure/security-center/security-center-custom-alert and recorded demo here: https://youtu.be/e8iFCz5RM4g?t=1486.
About ingestion of security solutions, we do prefer using CEF over Syslog rather than simple Syslog, though both are possible. CEF provides a more structured format and indexing. See more details on CEF support here: https://docs.microsoft.com/en-us/azure/security-center/security-center-partner-integration.
Hope it helps,
Meir :->
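
The difference between CEF over Syslog and plain Syslog mentioned in the reply above, shown as an added example that is not part of the original thread: a small parser turns a CEF line into named fields that can be indexed and queried, while the plain Syslog line yields only free text. The sample lines, vendor names and function names are constructed for illustration, and this is not Azure Security Center's own ingestion code.

```python
import re

# Constructed sample lines (vendor, host and addresses are made up for illustration).
SAMPLE_SYSLOG = "Oct  3 10:15:02 fw01 kernel: denied tcp 10.0.0.5 -> 192.0.2.10:22"
SAMPLE_CEF = (r"Oct  3 10:15:02 fw01 CEF:0|ExampleVendor|ExampleFW|1.0|100|"
              r"Blocked \| denied connection|7|"
              r"src=10.0.0.5 dst=192.0.2.10 dpt=22 msg=policy\=deny ssh from lab")

# The seven pipe-delimited CEF header fields, in order.
HEADER_FIELDS = ["version", "device_vendor", "device_product", "device_version",
                 "signature_id", "name", "severity"]
# An extension key is a word directly followed by "=" at the start or after whitespace.
_KEY = re.compile(r"(?:^|\s)(\w+)=")

def _split_header(body):
    """Split on unescaped '|' into 7 header fields plus the raw extension."""
    out, cur, i = [], [], 0
    while i < len(body):
        in_header = len(out) < len(HEADER_FIELDS)
        if in_header and body[i] == "\\" and i + 1 < len(body):
            cur.append(body[i + 1])  # header escapes: \| and \\
            i += 2
            continue
        if in_header and body[i] == "|":
            out.append("".join(cur))
            cur = []
        else:
            cur.append(body[i])
        i += 1
    out.append("".join(cur))
    return out

def _unescape(value):  # extension escapes: \= and \\ are literal, \n is a newline
    return re.sub(r"\\(.)", lambda m: "\n" if m.group(1) == "n" else m.group(1), value)

def parse_cef(line):
    """Return a dict of named fields, or None for a plain Syslog line."""
    start = line.find("CEF:")
    if start < 0:
        return None  # free text only, no named fields to extract
    parts = _split_header(line[start + 4:])
    if len(parts) < len(HEADER_FIELDS):
        raise ValueError("truncated CEF header")
    event = dict(zip(HEADER_FIELDS, parts))
    ext = parts[7] if len(parts) > 7 else ""
    keys = list(_KEY.finditer(ext))
    for m, nxt in zip(keys, keys[1:] + [None]):
        raw = ext[m.end():nxt.start() if nxt else len(ext)]
        event[m.group(1)] = _unescape(raw.strip())
    return event
```

Calling `parse_cef(SAMPLE_CEF)` returns a dictionary keyed by `device_vendor`, `severity`, `src`, `dst` and so on, which is what makes a log query such as "all events with `dpt=22` and severity 7 or higher" straightforward to write.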