cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Sentinel and data from GSuite, custom logs?

Karen McGregor
Microsoft

‎Mar 17 2019 08:38 AM

‎Mar 17 2019 08:38 AM

Sentinel and data from GSuite, custom logs?

Is there any plan to integrate authentication/activity data from GSuite into Sentinel?

 

And - what's the plan to add custom log data (eg., LOB application logs) into Sentinel?

4,999 Views
0 Likes
3 Replies
Reply
3 Replies
CliveWatson

‎Mar 18 2019 05:32 AM

‎Mar 18 2019 05:32 AM

Re: Sentinel and data from GSuite, custom logs?

I cant answer part 1, but Log Analytics already has a Custom log feature https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-custom-logs you can enable that for the Log Analytics workspace Sentinel is using.  There is also a CEF and Syslog connector in Sentinel.

0 Likes
Reply
Karen McGregor

‎Mar 18 2019 11:37 AM

‎Mar 18 2019 11:37 AM

Re: Sentinel and data from GSuite, custom logs?

Thanks!
1 Like
Reply
UW_Scott

‎Oct 02 2019 06:56 AM

‎Oct 02 2019 06:56 AM

Re: Sentinel and data from GSuite, custom logs?

If you have Cloud App Security you can pull logs with their setup ( https://docs.microsoft.com/en-us/cloud-app-security/connect-google-apps-to-microsoft-cloud-app-secur...) and then should be able to pull that into Sentinel via https://docs.microsoft.com/en-us/azure/sentinel/connect-cloud-app-security . It would be nice if they gave us a way to do it directly, though.
1 Like
Reply