Ingesting Sample data Log from GitHub repo to Sentinel
You can also use PowerShell to push a sample into its own table.
Resources for creating Microsoft Sentinel custom connectors | Microsoft Learn
The sample log path from GitHub I am trying to ingest is: https://github.com/Azure/Azure-Sentinel/blob/master/Sample%20Data/CEF/Forcepoint%20Cloud%20Security%20Gateway.csv
Upon running the Test, I am getting the error "PUT action failed". Also, if I click on Ingest, I get the same error.
Please guide further on this.
- mikhailf (Steel Contributor), Feb 14, 2023
I do not have experience with Github URLs.
Several times we used *.csv and *.log (text) files to ingest custom logs into Sentinel and it worked well.
This PowerShell command imports a PowerShell object into Sentinel, so if you can create a PowerShell object with data from the GitHub link, it will work.
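As an added example (not part of the original post and not Microsoft's code), here is one way to build PowerShell objects from the GitHub sample and push them into a custom table. It assumes the Log Analytics HTTP Data Collector API as the ingestion path, credentials in the hypothetical environment variables `LA_WORKSPACE_ID` and `LA_SHARED_KEY`, and a hypothetical table name `ForcepointSample`; the `raw.githubusercontent.com` URL is the raw-file form of the link in the question.

```powershell
# Added example, not from the thread. Assumptions: LA_WORKSPACE_ID / LA_SHARED_KEY
# environment variables (hypothetical names) and the table name 'ForcepointSample'.
$WorkspaceId = $env:LA_WORKSPACE_ID
$SharedKey   = $env:LA_SHARED_KEY      # workspace primary key, base64
$LogType     = 'ForcepointSample'      # shows up as ForcepointSample_CL
# Raw-file form of the link in the question; the /blob/ page returns HTML, not CSV.
$RawUrl = 'https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Sample%20Data/CEF/Forcepoint%20Cloud%20Security%20Gateway.csv'

function Get-SampleRows {
    param([string]$Url)
    $text = (Invoke-WebRequest -Uri $Url -UseBasicParsing).Content
    if ($text -is [byte[]]) { $text = [Text.Encoding]::UTF8.GetString($text) }
    if ($text -match '^\s*<(!DOCTYPE|html)') { throw 'Received HTML instead of CSV; use the raw URL.' }
    $rows = @($text | ConvertFrom-Csv)   # one PowerShell object per CSV row
    if ($rows.Count -eq 0) { throw 'CSV contained no data rows.' }
    return $rows
}

function Send-ToLogAnalytics {
    param([object[]]$Rows)
    # Force a JSON array even for a single row, then sign the exact byte length sent.
    $body   = [Text.Encoding]::UTF8.GetBytes((ConvertTo-Json -InputObject @($Rows) -Depth 5 -Compress))
    $date   = [DateTime]::UtcNow.ToString('r')
    $toSign = "POST`n$($body.Length)`napplication/json`nx-ms-date:$date`n/api/logs"
    $hmac   = [System.Security.Cryptography.HMACSHA256]::new([Convert]::FromBase64String($SharedKey))
    $sig    = [Convert]::ToBase64String($hmac.ComputeHash([Text.Encoding]::UTF8.GetBytes($toSign)))
    $headers = @{
        Authorization = "SharedKey ${WorkspaceId}:$sig"
        'Log-Type'    = $LogType
        'x-ms-date'   = $date
    }
    $uri = "https://${WorkspaceId}.ods.opinsights.azure.com/api/logs?api-version=2016-04-01"
    Invoke-WebRequest -Uri $uri -Method Post -ContentType 'application/json' `
        -Headers $headers -Body $body -UseBasicParsing
}

if (-not $WorkspaceId -or -not $SharedKey) { throw 'Set LA_WORKSPACE_ID and LA_SHARED_KEY first.' }
$rows = Get-SampleRows -Url $RawUrl
'Parsed {0} rows; columns: {1}' -f $rows.Count, ($rows[0].PSObject.Properties.Name -join ', ')
$resp = Send-ToLogAnalytics -Rows $rows
'HTTP {0}' -f $resp.StatusCode         # 200 means the batch was accepted
```

A 200 response only confirms that the batch was accepted; a newly created custom table can take several minutes to become queryable in the workspace.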
- mujju016 (Copper Contributor), Feb 16, 2023
I am not good with PowerShell.
I have done all the setup for the GUI based ingestion.
For AkamaiSIEM logs, I was able to ingest but not able to ingest any other one. I am getting the same error, "PUT action failed", every time I try to run the Test.
Need help in resolving the issue. Is there any limitation with the input here? Is it only one input allowed per 24 hours or in a day?
- mikhailf (Steel Contributor), Feb 21, 2023
There is no input limitation. You can ingest logs once a day or every 10 minutes.