cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Exporting Kaspersky logs to Azure Sentinel

zubairrahimsoc
Copper Contributor

‎Jun 10 2021 02:13 AM

‎Jun 10 2021 02:13 AM

Exporting Kaspersky logs to Azure Sentinel

Hi community,

I want to export Kaspersky logs to Azure Sentinel for that I need AZ Sentinel server address (IP) and Z Azure Sentinel server port.

How would I find my Sentinel IP and port address?

kasper.png

2,298 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by Rod_Trent (Microsoft)
Gary Bushey

‎Jun 10 2021 03:53 AM

‎Jun 10 2021 03:53 AM

Solution

Re: Exporting Kaspersky logs to Azure Sentinel

@zubairrahimsoc I have not actually used the data connector before however, based on what the documentation is stating, it appears that you would need to setup a CEF Server (using the instructions in the Azure Sentinel CEF Data Connector) and then use that server's IP address and the ingestion port (which I believe is 514).  Then the CEF server can handle sending the data into Azure Sentinel.

 

1 Like
Reply
1 best response

Accepted Solutions
best response confirmed by Rod_Trent (Microsoft)
Gary Bushey

‎Jun 10 2021 03:53 AM

‎Jun 10 2021 03:53 AM

Solution

Re: Exporting Kaspersky logs to Azure Sentinel

@zubairrahimsoc I have not actually used the data connector before however, based on what the documentation is stating, it appears that you would need to setup a CEF Server (using the instructions in the Azure Sentinel CEF Data Connector) and then use that server's IP address and the ingestion port (which I believe is 514).  Then the CEF server can handle sending the data into Azure Sentinel.

 

View solution in original post

1 Like
Reply