Can we use exported Syslog data to connect with sentinel?

Occasional Visitor

Can we use exported Syslog data to connect with sentinel?

 

I have portion of my syslog data, which i want to integrate with Sentinel. As i don't want to install sentinel agent directly on my production syslog server.

 

Can Syslog agent can read the data from exported file? 

1 Reply

@dileepjk you have to install the agent OR write something to upload the file to the log analytics API.  if you write something it will end up in a custom log vs CommonSecurityLog