Apr 21 2021
Some clarification needed please.
I want to ingest data from my on-prem Windows computers to Azure Sentinel.
I understand that I can use a Log Analytics Gateway (LAG) on-prem to act as a HTTP proxy/forwarder to the Azure Log Analytics Workspace (and subsequently Azure Sentinel).
How do I tell my on-prem Windows computers to use / go via the LAG? There is only an option to put in the Workspace ID.
Once installed, do I configure the proxy settings in the standalone OMS Agent on the Windows server to use the IP address and port of the on-prem LAG?
Also, does the LAG need the standalone OMS agent installing as well?
Apr 28 2021