Forum Discussion

Iron Contributor

Jun 01, 2019

Solved

WEF forwarding to Azure Security Centre / Log Analytics

Hello - I am hoping this is possible and a viable option. I currently use Windows Event Forwarding (WEF) with Winlogbeat sending events off to Elasticsearch. Epic, this works great, why would i...

Log Analytics

microsoft sentinel

security

Ofer_Shezaf
Jun 16, 2019
AndrewX

WEF support is currently in preview and still has some limitations. Contact me directly if you would like to join, and we can discuss whether the current support would work for you.

As an alternative, you can continue to use CEF and winlogbeat and connect it to Sentinel using Logstash and the Logstash Log Analytics output plugin.

~ Ofer

DannyC_Gamma

Brass Contributor

Jul 23, 2019

AndrewX

Hey Andrew

Did you get a response from Microsoft on this - I'm looking at similar scenario and I'd like to get access to the WEF connector also

I did reach out to Ofer_Shezaf but I'm yet to hear back

Thanks

Danny

Ofer_Shezaf

Microsoft

Jul 23, 2019

Hi Danny: sorry, missed your message. Can you send me an e-mail to discuss the private preview (ofer.shezaf@microsoft.com)

Bjørn André Kaland
Copper Contributor
Jun 08, 2020
Hi, Any news on the WEF support? Can you please add to the private discussion?

Best regards
Bjørn Andre
- Ofer_Shezaf
  Microsoft
  Jun 10, 2020
  Bjørn André Kaland : if you want to look into the private preview, send me an e-mail to ofer dot shezaf at microsoft dot com
  - otuser810
    Copper Contributor
    Jul 16, 2020
    Also interested in the private preview for WEF collection. Ofer_Shezaf
DannyC_Gamma
Brass Contributor
Jul 23, 2019
Ofer_Shezaf No worries - will do

Many Thanks!