Forum Discussion

AndrewX's avatar
AndrewX
Iron Contributor
Jun 01, 2019
Solved

WEF forwarding to Azure Security Centre / Log Analytics

Hello - I am hoping this is possible and a viable option.   I currently use Windows Event Forwarding (WEF) with Winlogbeat sending events off to Elasticsearch. Epic, this works great, why would i...
Log Analytics
microsoft sentinel
security
  • Ofer_Shezaf's avatar
    Ofer_Shezaf
    Jun 16, 2019

    AndrewX 

     

    WEF support is currently in preview and still has some limitations. Contact me directly if you would like to join, and we can discuss whether the current support would work for you.

     

    As an alternative, you can continue to use CEF and winlogbeat and connect it to Sentinel using Logstash and the Logstash Log Analytics output plugin.

     

    ~ Ofer

SimonR's avatar
SimonR
Brass Contributor
Mar 24, 2020

Ofer_Shezaf is this WEF preview still available/accessible? I'm looking at forwarding our current WEF setup to Azure Sentinel for easier analysis and came across this post when trying to configure the setup.

Ofer_Shezaf's avatar
Ofer_Shezaf
Icon for Microsoft rankMicrosoft
Mar 25, 2020

Yes SimonR . I will send you a personal message to discuss.

  • Adam Małek's avatar
    Adam Małek
    Copper Contributor
    Apr 29, 2020

    Ofer_Shezaf Hi, is there any update on this WEF integration?

Resources