Sentinel Connectors - Flat files, ODBC, IBMi

Question

Hi All,&nbsp;I am considering rolling-out Sentinel some time in the future and I am exploring what data types it can ingest. I am particularly looking for if it ingest/how it can ingest from&nbsp;- Flat file logs&nbsp;- Can it connect to a database and ingest from it(ODBC)- How it could ingest from IBMi/iseries&nbsp;Thanks in advance for your input&nbsp;

clivewatson · Answer

AzureHacki&nbsp;
&nbsp;
1.&nbsp;Collect custom logs with Log Analytics agent in Azure Monitor - Azure Monitor | Microsoft Docs
for 2 and 3 you may need to use Logic Apps, as an example:&nbsp;Access data sources on premises - Azure Logic Apps | Microsoft Docs

ofer_shezaf · Answer

AzureHacki&nbsp;:

For databases, in case your database is on-prem rather than a cloud service, I think that the best option would be Logstash. It might also be a good alternative for files.
For IBM, it seems that iSeries supports CEF (see here). Also, zSecure supports CEF as outlined in&nbsp;what's new for zSecure V2.3.0&nbsp;

azurehacki · Answer

CliveWatson&nbsp; Thanks for that, it will help answer some of the questions!

azurehacki · Answer

Thanks ofer_shezaf that is helpfull.

Forum Discussion

Sentinel Connectors - Flat files, ODBC, IBMi

Share

Resources