Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Can we use exported Syslog data to connect with sentinel?

Copper Contributor

Can we use exported Syslog data to connect with sentinel?

 

I have portion of my syslog data, which i want to integrate with Sentinel. As i don't want to install sentinel agent directly on my production syslog server.

 

Can Syslog agent can read the data from exported file? 

1 Reply

@dileepjk you have to install the agent OR write something to upload the file to the log analytics API.  if you write something it will end up in a custom log vs CommonSecurityLog