Forum Discussion
skarol1337
Mar 06, 2022, Copper Contributor
Parse CEF logging and a map field within message
Hi all, I have successfully configured the oms-agent and the Microsoft CEF python log forward script on a Ubuntu 20.04 x64 VM to forward Fortinet Analyzer logging to Sentinel. I receive the CEF l...
Clive_Watson
Mar 07, 2022, Bronze Contributor
You may be able to parse this from the AdditionalExtensions column in your query; see these examples:
https://github.com/Azure/Azure-Sentinel/search?q=AdditionalExtensions+extract
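As an added illustration of what the reply above is pointing at (this is example code, not from the original post and not Microsoft's CEF forwarder or the OMS agent), the following parses a CEF line the way a collector has to before it can map fields: it splits the seven pipe-delimited header fields (honouring the `\|` and `\\` escapes), splits the extension into key=value pairs whose values may contain spaces, routes a handful of well-known keys to their own columns and joins the rest into a semicolon-separated AdditionalExtensions string, and then pulls one vendor key back out of that string with the same anchored regex shape a KQL `extract()` over AdditionalExtensions would use. The Fortinet-flavoured log line and the subset of the key-to-column mapping are constructed for the example and are assumptions, not the agent's real table or a captured event.

```python
"""Parse a CEF record into Sentinel-like columns and query AdditionalExtensions.

Added example, not code from the original post or from Microsoft's CEF forwarder.
The sample line and the KNOWN_KEYS mapping are constructed for illustration.
"""
from __future__ import annotations

import re

# A CEF extension is "key=value key=value ..." and values may contain spaces, so
# the only safe key boundary is "whitespace, key, '='". Keys never contain a
# backslash, so an escaped "\=" inside a value is not mistaken for a new key.
KEY_RE = re.compile(r"(?:^|\s)([A-Za-z0-9_.\-]+)=")

# CommonSecurityLog gives well-known CEF keys their own columns; everything else
# lands in AdditionalExtensions as "k=v;k=v". This subset is an assumption for
# the example, not the agent's full mapping table.
KNOWN_KEYS = {
    "act": "DeviceAction", "src": "SourceIP", "dst": "DestinationIP",
    "spt": "SourcePort", "dpt": "DestinationPort", "msg": "Message",
    "proto": "Protocol", "deviceExternalId": "DeviceExternalID",
}


def _unescape(value: str) -> str:
    """Undo CEF escaping: \\\\, \\|, \\= keep the char; \\n and \\r become line breaks."""
    return re.sub(r"\\(.)", lambda m: {"n": "\n", "r": "\r"}.get(m.group(1), m.group(1)), value)


def split_header(line: str) -> tuple[list[str], str]:
    """Return the seven pipe-delimited header fields and the raw extension text."""
    fields, buf, i = [], [], 0
    while i < len(line) and len(fields) < 7:
        ch = line[i]
        if ch == "\\" and i + 1 < len(line):      # escaped '|' or '\' inside a header field
            buf.append(line[i + 1]); i += 2
        elif ch == "|":
            fields.append("".join(buf)); buf = []; i += 1
        else:
            buf.append(ch); i += 1
    if len(fields) != 7:
        raise ValueError("not a CEF record: expected 7 header fields")
    return fields, line[i:]


def parse_extension(ext: str) -> dict[str, str]:
    """Split the extension into pairs; each value runs up to the next key boundary."""
    out, keys = {}, list(KEY_RE.finditer(ext))
    for n, m in enumerate(keys):
        end = keys[n + 1].start() if n + 1 < len(keys) else len(ext)
        out[m.group(1)] = _unescape(ext[m.end():end].strip())
    return out


def parse_cef(line: str) -> dict:
    """Parse one CEF line into Sentinel-like columns plus an AdditionalExtensions string."""
    header, ext = split_header(line)
    if not header[0].startswith("CEF:"):
        raise ValueError("missing CEF: prefix")
    rec = {
        "CefVersion": header[0][4:], "DeviceVendor": header[1], "DeviceProduct": header[2],
        "DeviceVersion": header[3], "DeviceEventClassID": header[4], "Activity": header[5],
        "LogSeverity": header[6],
    }
    extra = []
    for key, value in parse_extension(ext).items():
        if key in KNOWN_KEYS:
            rec[KNOWN_KEYS[key]] = value
        else:
            extra.append(f"{key}={value}")       # vendor keys, semicolon-joined like CommonSecurityLog
    rec["AdditionalExtensions"] = ";".join(extra)
    return rec


def extract_additional(additional_extensions: str, key: str) -> str | None:
    """Pull one key out of AdditionalExtensions.

    Same shape as KQL extract(@"(?:^|;)key=([^;]*)", 1, AdditionalExtensions).
    The (?:^|;) anchor matters: without it "id=" would match inside "logid=".
    """
    m = re.search(rf"(?:^|;){re.escape(key)}=([^;]*)", additional_extensions)
    return m.group(1) if m else None


# Constructed sample, Fortinet-flavoured; not a real captured FortiAnalyzer event.
SAMPLE = ("CEF:0|Fortinet|FortiAnalyzer|7.0.1|0000000013|traffic:forward|3|"
          "deviceExternalId=FGT60FTK12345678 FTNTFGTlogid=0000000013 act=accept "
          "src=10.1.2.3 spt=51000 dst=93.184.216.34 dpt=443 proto=6 "
          "FTNTFGTsrcintf=port1 FTNTFGTpolicyid=12 msg=allowed by policy a\\=b")

if __name__ == "__main__":
    record = parse_cef(SAMPLE)
    print(record["SourceIP"], "->", record["DestinationIP"], record["DestinationPort"])
    print(record["AdditionalExtensions"])
    print(extract_additional(record["AdditionalExtensions"], "FTNTFGTpolicyid"))
```

The point to carry over to the KQL side is the anchoring in `extract_additional`: an unanchored `extract("id=([^;]*)", 1, AdditionalExtensions)` will happily match the tail of `FTNTFGTlogid=`, so either anchor the key on `^` or `;` as above or use the full vendor-prefixed key name.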