Sentinel Connectors - Flat files, ODBC, IBMi

Hi All,

I am considering rolling out Sentinel some time in the future and I am exploring what data types it can ingest. I am particularly looking for whether/how it can ingest from:

- Flat file logs

- Can it connect to a database and ingest from it (ODBC)

- How it could ingest from IBMi/iSeries

Thanks in advance for your input

2 Replies

@AzureHacki

1. Collect custom logs with Log Analytics agent in Azure Monitor - Azure Monitor | Microsoft Docs (https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-custom-logs)

For 2 and 3 you may need to use Logic Apps, as an example: Access data sources on premises - Azure Logic Apps | Microsoft Docs (https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-gateway-connection)

@AzureHacki :

  • For databases, in case your database is on-prem rather than a cloud service, I think that the best option would be Logstash. It might also be a good alternative for files.
  • For IBM, it seems that iSeries supports CEF (see here). Also, zSecure supports CEF as outlined in what's new for zSecure V2.3.0
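
As an added example that is not part of either reply: a Logstash pipeline for the on-prem database case, polling a table over JDBC (Logstash uses JDBC drivers rather than ODBC) and forwarding new rows to the Sentinel workspace through Microsoft's Log Analytics output plugin. The SQL Server driver, host name, file paths, table, columns and variable names are assumptions made for illustration.

```logstash
input {
  jdbc {
    # Driver jar and class for the source database (SQL Server assumed here).
    jdbc_driver_library => "/opt/logstash/drivers/mssql-jdbc.jar"
    jdbc_driver_class => "com.microsoft.sqlserver.jdbc.SQLServerDriver"
    # Hypothetical host and database; encrypt=true keeps the DB session on TLS.
    jdbc_connection_string => "jdbc:sqlserver://db.example.internal:1433;databaseName=appdb;encrypt=true"

    # Use a dedicated account with SELECT on the audit table only.
    # ${...} values are resolved from the Logstash keystore or environment,
    # so no secret is stored in the pipeline file.
    jdbc_user => "${AUDIT_DB_USER}"
    jdbc_password => "${AUDIT_DB_PASSWORD}"

    # Poll once a minute and fetch only rows newer than the last one shipped.
    schedule => "* * * * *"
    statement => "SELECT id, event_time, username, action, source_ip FROM dbo.audit_log WHERE id > :sql_last_value ORDER BY id ASC"
    use_column_value => true
    tracking_column => "id"
    tracking_column_type => "numeric"
    # Persist the high-water mark so a restart neither re-sends nor skips rows.
    last_run_metadata_path => "/var/lib/logstash/.audit_log_last_run"
  }
}

filter {
  mutate {
    # Tag the origin so analytics rules can tell this feed from other sources.
    add_field => { "log_source" => "appdb-audit" }
  }
}

output {
  microsoft-logstash-output-azure-loganalytics {
    workspace_id => "${SENTINEL_WORKSPACE_ID}"
    workspace_key => "${SENTINEL_WORKSPACE_KEY}"
    # Rows land in a custom table named AppDbAudit_CL in the workspace.
    custom_log_table_name => "AppDbAudit"
  }
}
```

Replacing the `jdbc` input with Logstash's `file` input covers the flat-file case with the same output block.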