This guide is old and out of date. Workarounds are to use another
connector that allows to directly query the log analytics workspace
Splunk Add on for Microsoft Azure | Splunkbase And setting this up to
run every 5 minutes with a query like: SecurityIncident | where
ingestion_time() > ago(6m) Or ex...
Hello @bobsyouruncle , the document actually says to use AMA. Create
Deployment Template We can easily add all those ARM templates to an
‘Azure Sentinel & Win10 Workstation’ basic template. We just need to
make sure we install the Azure Monitor Agent instead of the Log
Analytics one, and enable the ...
Latest Comments