cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Does Azure Sentinel support CSV format for FortiMail logs?

%3CLINGO-SUB%20id%3D%22lingo-sub-1354697%22%20slang%3D%22en-US%22%3EDoes%20Azure%20Sentinel%20support%20CSV%20format%20for%20FortiMail%20logs%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1354697%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20Everyone%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20wanted%20to%20know%20whether%20Azure%20Sentinel%20supports%20CSV%20format%20for%20FortiMail%20logs.%20I%20can%20see%20an%20option%20of%20enabling%20CSV%20format%20while%20configuring%20the%20remote%20logging%20on%20FortiMail.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EPlease%20let%20me%20know%20whether%20I%20have%20to%20enable%20CSV%20format%20and%20Azure%20Sentinel%20have%20parsers%20for%20the%20same.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%2C%3C%2FP%3E%3CP%3EMitesh%20Agrawal%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1354850%22%20slang%3D%22en-US%22%3ERe%3A%20Does%20Azure%20Sentinel%20support%20CSV%20format%20for%20FortiMail%20logs%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1354850%22%20slang%3D%22en-US%22%3EI%20don't%20know%20Fortimail%20but%20if%20the%20logs%20are%20on%20or%20can%20be%20sent%20to%20server%20with%20the%20Microsoft%20management%20agent%20(MMA)%20that%20Sentinel%20uses%2C%20you%20could%20potentially%20use%20the%20Custom%20Log%20feature.%20If%20not%20then%20logstash%2C%20logic%20apps%20or%20an%20Azure%20function%3F%3C%2FLINGO-BODY%3E
MiteshAgrawal
Contributor

‎05-02-2020 04:11 AM

‎05-02-2020 04:11 AM

Does Azure Sentinel support CSV format for FortiMail logs?

Hi Everyone,

 

I wanted to know whether Azure Sentinel supports CSV format for FortiMail logs. I can see an option of enabling CSV format while configuring the remote logging on FortiMail. 

 

Please let me know whether I have to enable CSV format and Azure Sentinel have parsers for the same.

 

Regards,

Mitesh Agrawal 

180 Views
0 Likes
1 Reply
Reply
1 Reply
Clive Watson

‎05-02-2020 06:18 AM - edited ‎05-02-2020 06:20 AM

‎05-02-2020 06:18 AM - edited ‎05-02-2020 06:20 AM

Re: Does Azure Sentinel support CSV format for FortiMail logs?

I don't know Fortimail but if the logs are on or can be sent to server with the Microsoft management agent (MMA) that Sentinel uses, you could potentially use the Custom Log feature. If not then logstash, logic apps or an Azure function?
1 Like
Reply