Forum Discussion
Solved
Server core event logs
I have been using the Log Analytics agent to get on-premise server event logs into Sentinel and all has gone well with the exception for Server core boxes. Server Core isn't listed as supported (
https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview#log-analytics-agent) so was wondering what is the best way to get server core logs over into Sentinel.
- You will need WEF/WEC but support for that will be added in a future release of the Azure Monitor Agent.
- CliveWatson
Microsoft
You will need WEF/WEC but support for that will be added in a future release of the Azure Monitor Agent.- Just curious if happen to know when that future release might be? Something like or 1 or 2 months or as long as a year?
Thanks for the response to the initial question.- CliveWatsonSorry its an NDA item, are you a member of the Private Preview (if your company has an NDA with Microsoft, you can signup in the Azure Sentinel Portal - News & Guides - What's New - Private Preview link: https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR-kibZAPJAVBiU46J6wWF_5URDFSWUhYUldTWjdJNkFMVU1LTEU4VUZHMy4u)
