How do I send carbon black logs to sentinel without S3 bucket

philipbrinkSA you could go down the road of building a logstash forwarder with the carbon black plugin

See documentation below

https://docs.elastic.co/en/integrations/carbonblack_edr

https://learn.microsoft.com/en-us/azure/sentinel/connect-logstash-data-connection-rules