Oct 01 2019 05:20 AM
Need help in integrating WAZUH (OSSEC) logs into Sentinel.
Oct 01 2019 07:15 AM - edited Oct 01 2019 07:16 AM
This product supports CEF output: https://documentation.wazuh.com/3.10/user-manual/reference/ossec-conf/syslog-output.html?highlight=c...
So you should use the Sentinel CEF connector:
https://docs.microsoft.com/en-us/azure/sentinel/connect-common-event-format
https://techcommunity.microsoft.com/t5/Azure-Sentinel/Azure-Sentinel-The-Syslog-and-CEF-source-confi...
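The setup the reply points to, as an added example that is not part of the original posts: a `syslog_output` block for the Wazuh manager's `ossec.conf` that forwards alerts in CEF to the Linux machine running the Sentinel CEF connector. The collector address (a documentation-range placeholder), the port, and the alert level threshold are assumptions to adapt.

```xml
<!-- /var/ossec/etc/ossec.conf on the Wazuh manager (added example) -->
<ossec_config>
  <syslog_output>
    <!-- Assumed placeholder: IP of the syslog forwarder that hosts the Sentinel CEF agent -->
    <server>192.0.2.10</server>
    <!-- Assumed: the port the forwarder's syslog daemon listens on -->
    <port>514</port>
    <!-- Emit alerts as CEF so the connector stores them as CEF records, not plain syslog -->
    <format>cef</format>
    <!-- Assumed threshold: forward only alerts at level 7 or above to limit ingestion volume -->
    <level>7</level>
  </syslog_output>
</ossec_config>
```

Restart the Wazuh manager after editing; on Wazuh 3.x the syslog forwarding daemon also has to be enabled first with `/var/ossec/bin/ossec-control enable client-syslog`.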