Home

Can we use exported Syslog data to connect with sentinel?

%3CLINGO-SUB%20id%3D%22lingo-sub-846491%22%20slang%3D%22en-US%22%3ECan%20we%20use%20exported%20Syslog%20data%20to%20connect%20with%20sentinel%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-846491%22%20slang%3D%22en-US%22%3E%3CP%3ECan%20we%20use%20exported%20Syslog%20data%20to%20connect%20with%20sentinel%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20portion%20of%20my%20syslog%20data%2C%20which%20i%20want%20to%20integrate%20with%20Sentinel.%20As%20i%20don't%20want%20to%20install%20sentinel%20agent%20directly%20on%20my%20production%20syslog%20server.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20Syslog%20agent%20can%20read%20the%20data%20from%20exported%20file%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-846491%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ESentinel%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Esyslog%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-847085%22%20slang%3D%22en-US%22%3ERe%3A%20Can%20we%20use%20exported%20Syslog%20data%20to%20connect%20with%20sentinel%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-847085%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F379614%22%20target%3D%22_blank%22%3E%40dileepjk%3C%2FA%3E%26nbsp%3Byou%20have%20to%20install%20the%20agent%20OR%20write%20something%20to%20upload%20the%20file%20to%20the%20log%20analytics%20API.%26nbsp%3B%20if%20you%20write%20something%20it%20will%20end%20up%20in%20a%20custom%20log%20vs%20CommonSecurityLog%3C%2FP%3E%3C%2FLINGO-BODY%3E
dileepjk
Occasional Visitor

Can we use exported Syslog data to connect with sentinel?

 

I have portion of my syslog data, which i want to integrate with Sentinel. As i don't want to install sentinel agent directly on my production syslog server.

 

Can Syslog agent can read the data from exported file? 

1 Reply

@dileepjk you have to install the agent OR write something to upload the file to the log analytics API.  if you write something it will end up in a custom log vs CommonSecurityLog

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
46 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
13 Replies