Microsoft Tech Community
SOLVED

Log ingestion from Windows/Linux servers (virtual machines) and Azure WAF into Sentinel

Copper Contributor

Hi all, I have a requirement for log ingestion from Windows/Linux servers (Azure virtual machines) and WAF from a client environment to our MDR.

I need suggestions on how to proceed. For MDE it's a bit straightforward to add connectors; how about in this case?

3 Replies

@Victor1989

Have you looked at the out-of-the-box WAF solutions (under Data Connectors and Content Hub)?

@Clive_Watson How about Windows and Linux server virtual machines?

best response confirmed by Victor1989 (Copper Contributor)
Solution
You can use either the Microsoft Monitor agent (AKA Log Analytics agent) or the new Azure Monitor agent to get information directly from your machines. This link provides a comparison between the two at the bottom of the page: https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview