Jun 10 2021 02:13 AM
Hi community,
I want to export Kaspersky logs to Azure Sentinel. For that I need the Azure Sentinel server address (IP) and the Azure Sentinel server port.
How would I find my Sentinel IP and port address?
Jun 10 2021 03:53 AM
Solution: @zubairrahimsoc I have not actually used the data connector before; however, based on what the documentation is stating, it appears that you would need to set up a CEF Server (using the instructions in the Azure Sentinel CEF Data Connector) and then use that server's IP address and the ingestion port (which I believe is 514). Then the CEF server can handle sending the data into Azure Sentinel.
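To check that a CEF server like the one described in the reply above is receiving events before pointing Kaspersky at it, a test message can be built and sent to its IP and port. This is an added example, not part of the original thread or of any vendor's code; the vendor/product names, the local4/info syslog priority and the helper names are assumptions, and the sample event is constructed.

```python
import socket
import sys
from datetime import datetime

def _hdr(value):
    # CEF header fields: escape backslash first, then the pipe delimiter.
    return str(value).replace("\\", "\\\\").replace("|", "\\|")

def _ext(value):
    # CEF extension values: escape backslash and '=', encode line breaks as \n.
    s = str(value).replace("\\", "\\\\").replace("=", "\\=")
    return s.replace("\r\n", "\\n").replace("\n", "\\n")

def build_cef(vendor, product, version, event_id, name, severity, ext):
    # CEF:0|Vendor|Product|Version|EventClassID|Name|Severity|key=value ...
    fields = (vendor, product, version, event_id, name, severity)
    header = "|".join(_hdr(f) for f in fields)
    extension = " ".join(f"{k}={_ext(v)}" for k, v in ext.items())
    return f"CEF:0|{header}|{extension}"

def wrap_syslog(cef, host, facility=20, level=6, now=None):
    # RFC 3164 framing. Facility 20 (local4) and level 6 (info) are assumptions;
    # use whatever the CEF server's syslog daemon is configured to accept.
    now = now or datetime.now()
    stamp = f"{now:%b} {now.day:2d} {now:%H:%M:%S}"  # day is space-padded
    return f"<{facility * 8 + level}>{stamp} {host} {cef}"

def send_udp(message, forwarder_ip, port=514):
    # forwarder_ip is the CEF server's address; 514 is the port named in the reply.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.sendto(message.encode("utf-8"), (forwarder_ip, port))

if __name__ == "__main__":
    # Constructed sample event; values are placeholders, not real Kaspersky output.
    cef = build_cef("ExampleVendor", "ExampleAV", "1.0", "100", "Test|event", 5,
                    {"src": "192.0.2.10", "msg": "path=C:\\temp\\a.exe"})
    line = wrap_syslog(cef, "testhost")
    print(line)
    if len(sys.argv) > 1:          # pass the CEF server IP as the first argument
        send_udp(line, sys.argv[1])
```

If the message arrives, it should show up in the syslog daemon's output on the CEF server; a message with unescaped `|` or `=` in a field is a common reason for events being parsed incorrectly.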