Forum Discussion
Connector for on-premises Windows to Azure Sentinel
- Sep 24, 2019
Azure Sentinel has CEF and Syslog data connectors. Sentinel uses Log Analytics, which has an agent for both Linux (Syslog v1) and Windows. Go to the "workspace settings" menu in Sentinel, then "advanced settings", and add the agent for Windows.
https://docs.microsoft.com/en-us/services-hub/health/mma-setup
It is on a Windows host. I installed the MMA (64-bit) as Add Connector for my Sentinel workspace, and it has been more than 12 hours since my configuration. But I can only receive Heartbeat events from this connector.
If you have Heartbeat data, then the MMA is working. What other data were you expecting?
Go to Log Analytics and Run Query
Have you added other data to be collected in 'advanced settings' - Data e.g. https://docs.microsoft.com/en-us/azure/azure-monitor/platform/data-sources-windows-events
- smhasn, Oct 04, 2019, Copper Contributor