log ingestion from windows/ linux servers ( virtual machines ) and azure WAF in to Sentinel

Hi All , having a requirement for log ingestion from windows/ linux servers ( azure virtual machines ) and WAF from client environment to our MDR need suggestion to proceed , for MDE its a bit st...

data collection

Log Data

siem

soar

GBushey
Aug 31, 2022
You can use either the Microsoft Monitor agent (AKA Log Analytics agent) or the new Azure Monitor agent to get information directly from your machines. This link provides a comparison between the two at the bottom of the page: https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview

Clive_Watson

Bronze Contributor

Aug 31, 2022

Victor1989

Have you looked at the out of the box WAF solutions (under Data Connectors and Content Hub)?

Victor1989

Copper Contributor

Aug 31, 2022

Clive_Watson how about windows and Linux server virtual machines

GBushey
Former Employee
Aug 31, 2022
You can use either the Microsoft Monitor agent (AKA Log Analytics agent) or the new Azure Monitor agent to get information directly from your machines. This link provides a comparison between the two at the bottom of the page: https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview

Forum Discussion

log ingestion from windows/ linux servers ( virtual machines ) and azure WAF in to Sentinel

Resources