Azure DDOS Protection connector not ingesting logs

Usama_Saleem · ‎Aug 26 2023

Hello,

I am having issues ingesting Azure DDOS protection logs into Sentinel. I have connected by enabling Diagnostics Logs on All Public Addresses but still it is not ingesting logs.

eliekarkafy · ‎Aug 28 2023

@Usama_Saleem the connector will become active one you have data ingested to sentinel, you need to simulate an alert from your DDos protection so that alert will be ingested to sentinel through the connector and check then if the connector will become connected and the Azure diagnostics data type will turn green

Usama_Saleem · ‎Aug 29 2023

Is it necessary to perform simulation? Why the data is not ingested although I have enabled diagnostic settings of all the Public IP addresses?

eliekarkafy · ‎Aug 29 2023

you can check the data ingested from the log analytics workspace used with sentinel, but to be able to trigger an alert in sentinel you need to simulate an attack to one of your IP addresses

Arunprasadk · ‎Oct 12 2023

@Usama_Saleem Are you receive logs ? I am facing similar issues

Azure DDOS Protection connector not ingesting logs

Azure DDOS Protection connector not ingesting logs

Re: Azure DDOS Protection connector not ingesting logs

Re: Azure DDOS Protection connector not ingesting logs

Re: Azure DDOS Protection connector not ingesting logs

Re: Azure DDOS Protection connector not ingesting logs

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Azure DDOS Protection connector not ingesting logs