Hi all,
Just wondering if anyone has onboarded "Ivanti Application Control " logs to Azure Sentinel?

-Log source is on-prem (No cloud presence, neither a connector available in Sentinel)
-Product does not support Syslog or CEF
-To extract logs from central management server you can use a data base query (DbConnect in Splunk World)
OR
-To extract logs from clients you can extract logs from every client in either XML or CSV format

Has anyone on-boarded these logs before or have any suggestions ?
Thank you



760 Views

0 Likes



0 Replies

All Discussions
Previous Discussion
Next Discussion

0 Replies

Share to LinkedIn
Share to Facebook
Share to Twitter
Share to Reddit
Share to Email

What's new

Surface Pro X
Surface Laptop 3
Surface Pro 7
Windows 10 Apps
Office apps

Microsoft Store

Account profile
Download Center
Microsoft Store support
Returns
Order tracking
Store locations
Buy online, pick up in store
In-store events

Education

Microsoft in education
Office for students
Office for schools
Deals for students and parents
Microsoft Azure in education

Enterprise

Azure
AppSource
Automotive
Government
Healthcare
Manufacturing
Financial Services
Retail

Developer

Microsoft Visual Studio
Window Dev Center
Developer Network
TechNet
Microsoft developer program
Channel 9
Office Dev Center
Microsoft Garage

Company

Careers
About Microsoft
Company News
Privacy at Microsoft
Investors
Diversity and inclusion
Accessibility
Security

Sitemap
Contact Microsoft
Privacy
Manage cookies
Terms of use
Trademarks
Safety and eco
About our ads
© Microsoft

Products (68)

Special Topics (42)

Video Hub (872)

Most Active Hubs

Most Active Hubs

Video Hub

Onboarding Ivanti Application Control logs to Azure Sentinel

Onboarding Ivanti Application Control logs to Azure Sentinel