Forum Discussion
SpringWater
Nov 13, 2019
Copper Contributor
Azure Sentinel - Connector for Fortinet
Trying to connect Azure Sentinel for Fortinet on a Linux proxy machine:
When adding the Sentinel connector for Fortinet, to act as a proxy for forwarding Fortinet logs, received the following error when installing the syslog agent:
IOError: [Errno 2] No such file or directory: '/etc/opt/microsoft/omsagent/xxxx/conf/omsagent.d/security_events.conf'
The version of Python is 3.6.8 and it's a Linux Oracle 7.7.
The issue seems to be with the repository on GitHub, as the error message says that the file or directory is not found?
- Roger_Fleming
Microsoft
The OMSAgent is not installed properly on the operating system. Run the following commands to install and test the installation.
Install/upgrade/repair the agent
sudo wget https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/CEF/cef_installer.py && python cef_installer.py <Workspace_id> <Workspace_Key>
Check/Test/Install
sudo wget https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/DataConnectors/CEF/cef_troubleshoot.py && sudo python cef_troubleshoot.py <workspace_id>
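Added example, not part of the original thread or of Microsoft's scripts: a small shell check that walks the path from the IOError above and reports the first component that is missing, which narrows down whether the agent, the workspace directory or the connector config is absent. The function name, the ROOT parameter and the hint wording are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (editor's illustration, not from the thread).
# first_missing ROOT WORKSPACE_ID
#   ROOT is a prefix for the filesystem ("" for the real system); it exists
#   so the check can be tried against a scratch directory tree.
#   Prints the first missing component of the path named in the IOError,
#   or "ok" when security_events.conf is present. Returns 1 if missing.
first_missing() {
    root=$1
    wsid=$2
    base="$root/etc/opt/microsoft/omsagent"
    step=0
    for p in \
        "$base" \
        "$base/$wsid" \
        "$base/$wsid/conf/omsagent.d" \
        "$base/$wsid/conf/omsagent.d/security_events.conf"
    do
        step=$((step + 1))
        if [ ! -e "$p" ]; then
            # Report the path relative to ROOT on stdout.
            printf '%s\n' "${p#"$root"}"
            # Hints go to stderr; their interpretation is an assumption.
            case $step in
                1) echo "hint: agent directory absent (agent not installed?)" >&2 ;;
                2) echo "hint: no directory for this workspace ID" >&2 ;;
                *) echo "hint: connector configuration not written" >&2 ;;
            esac
            return 1
        fi
    done
    printf 'ok\n'
}

# Usage on the proxy machine, with the workspace ID as the second argument:
#   first_missing "" "$WORKSPACE_ID"
```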
- CliveWatson
Microsoft
This thread has been helpful in the past for some ideas to try: https://techcommunity.microsoft.com/t5/Azure-Sentinel/Failed-to-configure-use-CEF-syslog-facility/m-p/376735#M130