Pulling logs from Specific path

%3CLINGO-SUB%20id%3D%22lingo-sub-2463208%22%20slang%3D%22en-US%22%3EPulling%20logs%20from%20Specific%20path%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2463208%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20any%20way%20by%20which%20we%20can%20pull%20logs%20from%20specific%20path%20of%20a%20linux%20or%20windows%20server%20to%20Azure%20Sentinel%20%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%2C%3C%2FP%3E%3CP%3EAkshay%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2463300%22%20slang%3D%22en-US%22%3ERe%3A%20Pulling%20logs%20from%20Specific%20path%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2463300%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1082463%22%20target%3D%22_blank%22%3E%40Akshay-B%3C%2FA%3E%26nbsp%3BYou%20can%20enable%20custom%20log%20ingestion%20in%20the%20Log%20Analytics%20workspace%20for%20Azure%20Sentinel.%20Is%20this%20what%20you%20mean%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22customlogs.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F289922i46E225199589FAD1%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22customlogs.png%22%20alt%3D%22customlogs.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hello,

 

Is there any way by which we can pull logs from specific path of a linux or windows server to Azure Sentinel ?

 

Thanks,

Akshay

2 Replies

@Akshay-B You can enable custom log ingestion in the Log Analytics workspace for Azure Sentinel. Is this what you mean?

 

customlogs.png

@rodtrent Yes, this will help. Thank you. I will try to use this option and tell you how if it worked for me.

https://docs.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-custom-logs

this is the Microsoft article I found.