Forum Discussion
Excluding specific events from log analytics agent (Windows)
Hello everyone, We are in phase of creating a PoC to possibly replace our SIEM. So far I believe we have done a good job presenting capabilities of Sentinel. However, there is one main issue for ...
I believe this only applies to VM's on azure. I was talking about the on-premise servers. I checked your link but all I see is Azure Virtual Machines being mentioned.
Rod_Trent
Microsoft
MicrosoftYes, but if you read deeper, it talks about working for on-premises servers, but Azure Arc is required to be installed. I call it out a bit better at the bottom of my blog post: https://azurecloudai.blog/2021/06/14/how-to-limit-what-azure-sentinel-collects-from-windows-systems/