Forum Discussion
Valon_Kolica
Aug 12, 2019 | Former Employee
Azure Sentinel: Common Event Format (CEF) Connectors Update | PREVIEW
Azure Sentinel allows you to connect any on-premises appliance that supports Common Event Format over Syslog to Azure Sentinel. Sentinel team has been working on improving this capability and are exc...
Will_Network
Oct 29, 2020 | Copper Contributor
I'm trying to send my syslog data to Azure Sentinel but I'm seeing the following message in my Linux Syslog agent:
****
Validating the CEF\ASA logs are received and are in the correct format when received by syslog daemon
sudo tac /var/log/syslog
Located 0 CEF\ASA messages
Error: no CEF messages received by the daemon.
Please validate that you do send CEF messages to agent.
****
I'm receiving syslog messages in the Linux (Ubuntu) agent from my Cisco firewall but the CEF collector isn't forwarding them to Azure Sentinel. How do I fix this?
Thanks,
Will_Network
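The "Located 0 CEF\ASA messages" result in the post above comes from a format check on what the syslog daemon wrote. As an added example (not part of the thread and not the Sentinel troubleshooting script's own code), the sketch below classifies syslog lines as CEF, Cisco ASA, or other, so you can see which format the firewall is actually sending. The regular expressions, function names, and sample lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# CEF header: CEF:Version|Vendor|Product|DeviceVersion|SignatureID|Name|Severity|Extension
# Header fields may contain an escaped pipe ("\|"), so a backslash consumes the next char.
CEF_RE = re.compile(r"CEF:\s?\d+\|(?:(?:[^|\\]|\\.)*\|){6}")
# Cisco ASA tag: %ASA-<severity 0-7>-<message id>:
ASA_RE = re.compile(r"%ASA-[0-7]-\d+:")

def classify(line):
    """Return 'cef', 'asa', 'malformed_cef' or 'other' for one syslog line."""
    if CEF_RE.search(line):
        return "cef"
    if ASA_RE.search(line):
        return "asa"
    if "CEF:" in line:
        return "malformed_cef"  # has the marker but not the full 7-field header
    return "other"

def summarize(lines):
    """Count lines per class, e.g. for the tail of /var/log/syslog."""
    return dict(Counter(classify(l) for l in lines))

def located(lines):
    """Number of lines a CEF\\ASA format check would accept."""
    counts = summarize(lines)
    return counts.get("cef", 0) + counts.get("asa", 0)

# Constructed sample lines (not taken from the thread).
SAMPLE = [
    "Oct 29 10:00:01 fw01 CEF:0|Cisco|ASA|9.12|106023|Deny tcp|5|src=10.0.0.5 dst=192.0.2.10 dpt=443",
    "Oct 29 10:00:02 fw01 %ASA-4-106023: Deny tcp src inside:10.0.0.5/51515 dst outside:192.0.2.10/443",
    "Oct 29 10:00:03 rtr01 %SYS-5-CONFIG_I: Configured from console by admin on vty0",
    "Oct 29 10:00:04 fw01 CEF:0|Cisco|ASA|truncated",
    "Oct 29 10:00:05 ubuntu sshd[1234]: Accepted publickey for ops from 10.0.0.9 port 50022 ssh2",
]

if __name__ == "__main__":
    print(summarize(SAMPLE))
    print("Located", located(SAMPLE), "CEF\\ASA messages")
```

Lines counted as `other` reached the daemon as ordinary syslog, which is the case where messages arrive on the agent but a CEF\ASA check still reports zero.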