cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Can we use a single Linux/ Windows agent to collect logs from multiple log sources in Sentinel?

MiteshAgrawal
Brass Contributor

‎May 04 2020 03:19 AM - last edited on ‎Nov 02 2021 05:53 PM by

‎May 04 2020 03:19 AM - last edited on ‎Nov 02 2021 05:53 PM by

Can we use a single Linux/ Windows agent to collect logs from multiple log sources in Sentinel?

Hi Everyone,

 

Can we use a single Linux/ Windows agent to collect logs from multiple log sources in Sentinel?

 

Regards,

Mitesh Agrawal

762 Views
0 Likes
2 Replies
Reply
2 Replies
Abigail05

‎May 04 2020 03:26 AM

‎May 04 2020 03:26 AM

Re: Can we use a single Linux/ Windows agent to collect logs from multiple log sources in Sentinel?

@MiteshAgrawal 

Yes you can do that with Windows. Though I wouldn't be able to tell how to do that in Linux.

0 Likes
Reply
CliveWatson

‎May 04 2020 03:31 AM

‎May 04 2020 03:31 AM

Re: Can we use a single Linux/ Windows agent to collect logs from multiple log sources in Sentinel?

@MiteshAgrawal 

 

You can configure the MMA (Windows and Linux)  in the Log Analytics - Advanced Settings

 

You can add multiple sources to each platform. https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agent-data-sources

 

Annotation 2020-05-04 112847.jpgAnnotation 2020-05-04 112818.jpg

 

0 Likes
Reply