How to Monitor Log Sources in Azure Sentinel?

%3CLINGO-SUB%20id%3D%22lingo-sub-2017886%22%20slang%3D%22en-US%22%3EHow%20to%20Monitor%20Log%20Sources%20in%20Azure%20Sentinel%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2017886%22%20slang%3D%22en-US%22%3E%3CP%3EHello%20Guys%2C%20Happy%20New%20Year.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EJust%20wanted%20know%2C%20if%20any%20of%20log%20source%20has%20turned%20down%2C%20how%20it%20will%20be%20monitored%20by%20Azure%20Sentinel%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDo%20I%20need%20to%20write%20any%20kql%20query%20or%20is%20there%20already%20a%20predefined%20option%20in%20sentinel%20portal%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3CP%3EAB%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2017977%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20Monitor%20Log%20Sources%20in%20Azure%20Sentinel%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2017977%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F912724%22%20target%3D%22_blank%22%3E%40AB001986%3C%2FA%3E%26nbsp%3BThere%20is%20nothing%20in%20the%20Azure%20Sentinel%20portal%20that%20will%20show%20this%20information%20however%20this%20blog%20post%20will%20show%20you%20how%20to%20get%20this%20information.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-sentinel%2Fdata-connector-health-push-notification-alerts%2Fba-p%2F1996442%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-sentinel%2Fdata-connector-health-push-notification-alerts%2Fba-p%2F1996442%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

Hello Guys, Happy New Year.

 

Just wanted know, if any of log source has turned down, how it will be monitored by Azure Sentinel?

 

Do I need to write any kql query or is there already a predefined option in sentinel portal?

 

Thanks

AB

1 Reply

@AB001986 There is nothing in the Azure Sentinel portal that will show this information however this blog post will show you how to get this information.

 

https://techcommunity.microsoft.com/t5/azure-sentinel/data-connector-health-push-notification-alerts...