Can we use a single Linux/ Windows agent to collect logs from multiple log sources in Sentinel?

Question

Hi Everyone,&nbsp;Can we use a single Linux/ Windows agent to collect logs from multiple log sources in Sentinel?&nbsp;Regards,Mitesh Agrawal

abigail05 · Answer

MiteshAgrawal&nbsp;Yes you can do that with Windows. Though I wouldn't be able to tell how to do that in Linux.

clivewatson · Answer

MiteshAgrawal&nbsp;
&nbsp;
You can configure the MMA (Windows and Linux)&nbsp; in the Log Analytics - Advanced Settings
&nbsp;
You can add multiple sources to each platform.&nbsp;https://docs.microsoft.com/en-us/azure/azure-monitor/platform/agent-data-sources
&nbsp;

&nbsp;

Forum Discussion

Can we use a single Linux/ Windows agent to collect logs from multiple log sources in Sentinel?

Share

Resources