Hi all,
Just wondering if anyone has onboarded "Ivanti Application Control " logs to Azure Sentinel?
-Log source is on-prem (No cloud presence, neither a connector available in Sentinel)
-Product does not support Syslog or CEF
-To extract logs from central management server you can use a data base query (DbConnect in Splunk World)
OR
-To extract logs from clients you can extract logs from every client in either XML or CSV format
Has anyone on-boarded these logs before or have any suggestions ?
Thank you