Forum Discussion
Solved
log ingestion from windows/ linux servers ( virtual machines ) and azure WAF in to Sentinel
Hi All , having a requirement for log ingestion from windows/ linux servers ( azure virtual machines ) and WAF from client environment to our MDR
need suggestion to proceed , for MDE its a bit straight forward to add connectors , how about in this case
- You can use either the Microsoft Monitor agent (AKA Log Analytics agent) or the new Azure Monitor agent to get information directly from your machines. This link provides a comparison between the two at the bottom of the page: https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview
Have you looked at the out of the box WAF solutions (under Data Connectors and Content Hub)?
Clive_Watson how about windows and Linux server virtual machines
- GBushey
Microsoft
You can use either the Microsoft Monitor agent (AKA Log Analytics agent) or the new Azure Monitor agent to get information directly from your machines. This link provides a comparison between the two at the bottom of the page: https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agents-overview
