Forum Discussion
Azure DDOS Protection connector not ingesting logs
Hello,
I am having issues ingesting Azure DDOS protection logs into Sentinel. I have connected by enabling Diagnostics Logs on All Public Addresses but still it is not ingesting logs.
4 Replies
Usama_Saleem Are you receive logs ? I am facing similar issues
Usama_Saleem the connector will become active one you have data ingested to sentinel, you need to simulate an alert from your DDos protection so that alert will be ingested to sentinel through the connector and check then if the connector will become connected and the Azure diagnostics data type will turn green
- Is it necessary to perform simulation? Why the data is not ingested although I have enabled diagnostic settings of all the Public IP addresses?
- you can check the data ingested from the log analytics workspace used with sentinel, but to be able to trigger an alert in sentinel you need to simulate an attack to one of your IP addresses
