Forum Discussion
Azure Sentinel - enabling Syslog from onPrem Linux
Checking on details in this: https://docs.microsoft.com/en-us/azure/sentinel/connect-syslog We have a working Linux Syslog Connector (not in Azure - it's onPrem) but it seems that while we can now ...
Ofer_Shezaf
Microsoft
Microsoft
I think that the instructions on the connector page are somewhat clearer:
- Under workspace advanced settings Configuration, select Data and then Syslog.
- Select Apply below configuration to my machines and select the facilities and severities.
- Click Save.
Also, note that the agent configures behind the scenes rsyslog or syslogNG. If you did manual configuration yourself, it might override.