Forum Discussion
Unable to integrate suse linux (azure VM) on azure sentinel
Hello experts, I am facing a challenge while integrating Azure VM suse linux using syslog dataconnector. I have configured levels and connected to the VM to the workspace. But still it is not sho...
The servers are in a protected region with no internet access. So what needs to be enabled between VM and workspace.
Hello Jayesh_D123,
Here is a write-up on how to configure it:
https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-syslog
Syslog settings in "Advanced Settings" are pushed towards the OMS Agent within 10/15 minutes.
I would suggest to try to get already the logs from your Linux O.S. going to Azure Sentinel by enabling Syslog Facility such as "auth", "deamon" and then have a look inside Azure Sentinel if there is data going the connector in the Data Connector blade.
You may need also to verify that there is no network filtering in place somewhere (Host-level firewall, ...)
Kind Regards,
Thomas