Log ingestion from Windows/Linux servers (virtual machines) and Azure WAF into Sentinel


Hi all, I have a requirement for log ingestion from Windows/Linux servers (Azure virtual machines) and WAF from a client environment to our MDR.


I need a suggestion on how to proceed. For MDE it's a bit straightforward to add connectors; how about in this case?

3 Replies



Have you looked at the out of the box WAF solutions (under Data Connectors and Content Hub)?



@Clive_Watson how about Windows and Linux server virtual machines?

best response confirmed by Victor1989 (Occasional Contributor)
You can use either the Microsoft Monitor agent (AKA Log Analytics agent) or the new Azure Monitor agent to get information directly from your machines. This link provides a comparison between the two at the bottom of the page: