SOLVED

Security Center/Sentinel or not?

Hello everyone, I want to implement Security Center/Sentinel in my company and these other characteristics:


Apache service status (/etc/init.d/httpd)
Tomcat / sql server service status
Number of requests and accesses to the application
NFS drive access
Database load and number of requests on sqlserver

All of this, for the moment, only on-premise. I also want to check for security issues on the servers.

Could you do it all with Security Center/Sentinel? Would you also need Azure Monitor?
Thank you very much

1 Reply
Solution

@Javier1980 

Hi

Azure Sentinel/ASC doesn't collect some of those listed by default. Azure Monitor can, so yes, you would want that to make it easy to get the data into Log Analytics.

 

Things like NFS, I believe, can log to syslog, so you would collect with that.