Forum Discussion
Sand_Sentinel87
May 30, 2024
Copper Contributor
Database Integration with Sentinel
Hi All, I am quite new to the Sentinel platform but not new to SIEM. How do I integrate database (any, like Oracle, MsSql etc.) audit or application logs which are in a different table other than audit...
Rod_Trent
Microsoft
May 30, 2024
Sentinel utilizes its own data and data structure (Log Analytics), which is more efficient and better performing than legacy database types. You can ingest data from various sources into Sentinel to enable Sentinel to analyze and alert on security indicators. See the following, which includes ingesting custom data types:
https://learn.microsoft.com/en-us/azure/sentinel/connect-data-sources?tabs=azure-portal
You can migrate Splunk and ArcSight to Sentinel.
See the following for Splunk: https://learn.microsoft.com/en-us/azure/sentinel/migration-splunk-detection-rules
See the following for ArcSight: https://learn.microsoft.com/en-us/azure/sentinel/migration-arcsight-detection-rules