Forum Discussion
Fares-Ayed
Nov 04, 2023 (Copper Contributor)
Integrate Trellix EDR logs to Sentinel
Hi,
I have an urgent issue. Actually I'm looking to get the Trellix EDR logs and forward them to Azure Log Analytics workspaces.
Actually I get this link (https://github.com/sreedharande/Azure-Sentinel-McAfee-MVision-ePO-Cloud). I followed all the instructions and then I get:
1- a function deployed in Azure.
2- a Connector (was added) with the name syslog.
In the Log Analytics workspaces no table was added? I looked at another link and I saw this table:
Is there any other solution or explanation so I can get those logs in my Azure Log Analytics workspaces?
1 Reply
- Clive_Watson (Bronze Contributor)
Is there any data in that table now? Sometimes it takes a few hours.
I don't understand this sentence; the custom table has been created by the look of the screenshot - are you saying it has no data?
"In the log analytics workspaces no table was added? I looked to another link and i saw this table :"