Forum Discussion
cfulbrook
Oct 28, 2022, Copper Contributor
Ingesting logs to Sentinel - Detection Summary Events
Hello, I wonder if anyone could help me out. I have set up an OMS agent on a virtual VM with logs ingesting in from CrowdStrike. Detection Summary Events are appearing in the Logs, however with ...
Clive_Watson
Oct 28, 2022, Bronze Contributor
cfulbrook When you get Crowdstrike data from the Solution provided in Sentinel - it arrives in Syslog and needs a Parser - maybe take a look and see if you can adjust or use this for use with the VM you have?
Azure-Sentinel/CrowdstrikeFalconEventStream.txt at 4ad195f4fe6fdbc66fb8469120381e8277ebed81 · Azure/Azure-Sentinel (github.com)
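To illustrate the "arrives in Syslog and needs a parser" point, here is an added Python example (not from this thread, not the Sentinel repo's KQL parser) that splits syslog-wrapped CEF events into header and extension fields and flags lines with no CEF payload. The sample lines, vendor/product strings and extension keys are constructed for the example and are not CrowdStrike's documented schema.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed sample lines in the shape of syslog-forwarded CEF events.
# Field names and values are illustrative, not CrowdStrike's real schema.
SAMPLE_LINES = [
    "Oct 28 10:15:01 falconhost CEF:0|CrowdStrike|FalconHost|1.0|DetectionSummaryEvent|Detection Summary|5|"
    "suser=jdoe shost=WS-01 cs1Label=Tactic cs1=Credential Access cs2Label=Technique cs2=OS Credential Dumping "
    "msg=Process ran with suspicious args a\\=b",
    "Oct 28 10:15:02 falconhost not a cef message at all",
]

CEF_HEADER = re.compile(r"CEF:(?P<version>\d+)\|")
HEADER_FIELDS = ["vendor", "product", "product_version", "signature_id", "name", "severity"]


def _split_unescaped_pipes(text: str) -> List[str]:
    """Split on '|' while leaving backslash-escaped pipes ('\\|') inside a field."""
    return [p.replace("\\|", "|") for p in re.split(r"(?<!\\)\|", text)]


def parse_cef_syslog(line: str) -> Optional[Dict[str, str]]:
    """Return a flat dict of header + extension fields, or None if the line carries no CEF payload."""
    m = CEF_HEADER.search(line)
    if not m:
        return None
    parts = _split_unescaped_pipes(line[m.end():])
    if len(parts) < 7:  # six header fields plus the extension block
        return None
    record = {"syslog_prefix": line[: m.start()].strip(), "cef_version": m.group("version")}
    record.update(zip(HEADER_FIELDS, parts[:6]))
    extension = "|".join(parts[6:])  # unescaped pipes are legal inside the extension
    # Extension values may contain spaces, so split only where the next token looks like "key=".
    for pair in re.split(r"\s(?=\w+=)", extension):
        key, _, value = pair.partition("=")
        record[key] = value.replace("\\=", "=")
    return record


def parse_all(lines: List[str]) -> Tuple[List[Dict[str, str]], List[str]]:
    """Parse every line; return (parsed records, lines that need a different parser)."""
    records, unparsed = [], []
    for line in lines:
        rec = parse_cef_syslog(line)
        (records if rec else unparsed).append(rec if rec else line)
    return records, unparsed


if __name__ == "__main__":
    recs, bad = parse_all(SAMPLE_LINES)
    print(recs[0]["signature_id"], recs[0]["cs1"], "| unparsed:", len(bad))
```

Counting the unparsed lines is the quick check for whether the parser matches what the agent is actually forwarding.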
cfulbrook
Oct 28, 2022, Copper Contributor
Thanks Clive!