Forum Discussion
PawelB1645
Oct 07, 2021Copper Contributor
Adding Windows Srecurity Logs into Azure sentinel
Hello,
I wanted to add a the windows security log into ingestion but it cannot be done:
although, no security events are sent into my sentinel by default:
The events with the ID 4625 are of course created:
What could I do?
Best regards
- Security Logs are collected via a different route, see the "Security Events" data connector, in the Sentinel portal, or "Windows Security Events (Preview). These specific logs are then written to the SecuityEvent table, rather than the Events table.
- CliveWatson
Microsoft
Security Logs are collected via a different route, see the "Security Events" data connector, in the Sentinel portal, or "Windows Security Events (Preview). These specific logs are then written to the SecuityEvent table, rather than the Events table.- PawelB1645Copper Contributor
Thank you. I had the the security Windows security Events(preview) conector instead of the SecurityEvents