Log Analytics Gateway


Hi folks


Some clarification needed please.


I want to ingest data from my on-prem Windows computers to Azure Sentinel.


I understand that I can use a Log Analytics Gateway (LAG) on-prem to act as a HTTP proxy/forwarder to the Azure Log Analytics Workspace (and subsequently Azure Sentinel).


How do I tell my on-prem Windows computers to use / go via the LAG? There is only an option to put in the Workspace ID.


Once installed, do I configure the proxy settings in the standalone OMS Agent on the Windows server to use the IP address and port of the on-prem LAG? 


Also, does the LAG need the standalone OMS agent installing as well?




1 Reply
1. Install the Gateway
"On the Port and proxy address page:
a. Enter the TCP port number to be used for the gateway. Setup uses this port number to configure an inbound rule on Windows Firewall. The default value is 8080."

2. Configure Agents with Proxy set to the Gateway name and its port
UI: "If the computer needs to communicate through a proxy server to the Log Analytics service, click Advanced and provide the URL and port number of the proxy server. "
PS: "OPINSIGHTS_PROXY_URL URI for the proxy to use"