Onboarding Ivanti Application Control logs to Azure Sentinel

New Contributor

Hi all,
Just wondering if anyone has onboarded "Ivanti Application Control " logs to Azure Sentinel?

-Log source is  on-prem (No cloud presence, neither a connector available in Sentinel)
-Product does not support Syslog or CEF
-To extract logs from central management server you can use a data base query (DbConnect in Splunk World)
-To extract logs from clients you can extract logs from every client in  either XML or CSV format

Has anyone on-boarded these logs before or have any suggestions ?
Thank you

0 Replies