Azures Sentinel Security Events collection using OMS gateway

Frequent Visitor

Hi all, 


I'm trying to collect Security Events from windows machines on-premises using the OMS gateway.

I've already added the MDATP subscription ID, I'm trying now to add the Sentinal Subscription ID. 

I have a firewall on the outbound traffic, so I need to add rules in the firewall to allow the Azure URLs .

I cannot find the URLs that OMS uses to communicate with azure (Log Analytics). 

Would you please advise which URLs should I allow on the firewall? 




0 Replies