cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Home

Can we use exported Syslog data to connect with sentinel?

%3CLINGO-SUB%20id%3D%22lingo-sub-846491%22%20slang%3D%22en-US%22%3ECan%20we%20use%20exported%20Syslog%20data%20to%20connect%20with%20sentinel%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-846491%22%20slang%3D%22en-US%22%3E%3CP%3ECan%20we%20use%20exported%20Syslog%20data%20to%20connect%20with%20sentinel%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20portion%20of%20my%20syslog%20data%2C%20which%20i%20want%20to%20integrate%20with%20Sentinel.%20As%20i%20don't%20want%20to%20install%20sentinel%20agent%20directly%20on%20my%20production%20syslog%20server.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECan%20Syslog%20agent%20can%20read%20the%20data%20from%20exported%20file%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-846491%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ESentinel%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Esyslog%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-847085%22%20slang%3D%22en-US%22%3ERe%3A%20Can%20we%20use%20exported%20Syslog%20data%20to%20connect%20with%20sentinel%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-847085%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F379614%22%20target%3D%22_blank%22%3E%40dileepjk%3C%2FA%3E%26nbsp%3Byou%20have%20to%20install%20the%20agent%20OR%20write%20something%20to%20upload%20the%20file%20to%20the%20log%20analytics%20API.%26nbsp%3B%20if%20you%20write%20something%20it%20will%20end%20up%20in%20a%20custom%20log%20vs%20CommonSecurityLog%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
dileepjk
Occasional Visitor

‎09-10-2019 05:33 AM

‎09-10-2019 05:33 AM

Can we use exported Syslog data to connect with sentinel?

Can we use exported Syslog data to connect with sentinel?

 

I have portion of my syslog data, which i want to integrate with Sentinel. As i don't want to install sentinel agent directly on my production syslog server.

 

Can Syslog agent can read the data from exported file? 

Labels:
130 Views
0 Likes
1 Reply
Reply
1 Reply
Highlighted
Nicholas DiCola (SECURITY JEDI)

‎09-10-2019 09:27 AM

‎09-10-2019 09:27 AM

Re: Can we use exported Syslog data to connect with sentinel?

@dileepjk you have to install the agent OR write something to upload the file to the log analytics API.  if you write something it will end up in a custom log vs CommonSecurityLog

0 Likes
Reply

Related Conversations View all

Azure AD/Activity logs not connecting to new workspace

by leoszalkowski on May 29, 2020

29 Views 0 Likes
0 Replies

TAXII2 and Sentinel

by GhostCcamm on May 29, 2020

52 Views 0 Likes
2 Replies

Is there a way to aggregate multiple alerts into one incident in Sentinel

by CurlX on May 28, 2020

95 Views 0 Likes
4 Replies

Get entities for a Sentinel Incidient by API

by SanderWannet on May 27, 2020

50 Views 0 Likes
0 Replies

Related Blog Posts View all

Why use Azure Functions for ML inference ?

by Anirudh Garg on May 28, 2020

1691 Views 3 Likes
2 Replies

Experiencing Data Latency issue in Azure Portal in East US region - 05/28 - Resolved

by Azure-Monitor-Team on May 28, 2020

576 Views 0 Likes
0 Replies

Secure Working from Home – Deep Insights at Enrolled MEM Assets via Azure Sentinel

by Hesham Saad on May 28, 2020

1245 Views 2 Likes
0 Replies

Related Videos View all

#HumansofIT with Tech Superpowers: How Heathrow's Security Officer Launched 12 #PowerApps

Posted in Microsoft Ignite The Tour 2019 on March 30, 2020