JKatzmandu
Feb 24, 2021
Brass Contributor
Windows 2003 events in Sentinel
Hello everyone!
I have a customer asking me how to get Windows 2003 events into Sentinel. Obviously the MMA Sentinel Agent won't run on the host, but I'm thinking that event forwarding from 2003 to a supported system, and then scooping the logs from the supported system will work. Has anyone done this yet?
Cheers!
- Ofer_Shezaf
Microsoft
Azure Sentinel currently doesn't support WEF, though this is planned. Meanwhile, you can use 3rd party alternatives such as NXLog to translate to Syslog or Winlogbeat and Logstash to a custom log.
- JKatzmandu
Brass Contributor
Thank you! We'll go that route, I think.