%3CLINGO-SUB%20id%3D%22lingo-sub-2820299%22%20slang%3D%22en-US%22%3EOnboarding%20Ivanti%20Application%20Control%20logs%20to%20Azure%20Sentinel%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2820299%22%20slang%3D%22en-US%22%3E%3CP%3EHi%20all%2C%3CBR%20%2F%3EJust%20wondering%20if%20anyone%20has%20onboarded%20%3CA%20title%3D%22Ivanti%20Application%20Control%22%20href%3D%22https%3A%2F%2Fwww.ivanti.com.au%2Fproducts%2Fapplication-control%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3E%22Ivanti%20Application%20Control%20%22%3C%2FA%3E%20logs%20to%20Azure%20Sentinel%3F%3CBR%20%2F%3E%3CBR%20%2F%3E-Log%20source%20is%26nbsp%3B%20on-prem%20(No%20cloud%20presence%2C%20neither%20a%20connector%20available%20in%20Sentinel)%3CBR%20%2F%3E-Product%20does%20not%20support%20Syslog%20or%20CEF%3CBR%20%2F%3E-To%20extract%20logs%20from%20central%20management%20server%20you%20can%20use%20a%20data%20base%20query%20(DbConnect%20in%20Splunk%20World)%3CBR%20%2F%3EOR%3CBR%20%2F%3E-To%20extract%20logs%20from%20clients%20you%20can%20extract%20logs%20from%20every%20client%20in%26nbsp%3B%20either%20XML%20or%20CSV%20format%3CBR%20%2F%3E%3CBR%20%2F%3EHas%20anyone%20on-boarded%20these%20logs%20before%20or%20have%20any%20suggestions%20%3F%3CBR%20%2F%3EThank%20you%3CBR%20%2F%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E

Discussion Options

Subscribe to RSS Feed
Mark Discussion as New
Mark Discussion as Read
Pin this Discussion for Current User
Bookmark
Subscribe
Printer Friendly Page

Aman_Khan

Regular Visitor

‎Oct 06 2021 06:25 PM

Mark as New
Bookmark
Subscribe
Mute
Subscribe to RSS Feed
Permalink
Print
Email to a Friend
Report Inappropriate Content

‎Oct 06 2021 06:25 PM

Onboarding Ivanti Application Control logs to Azure Sentinel

Hi all,
Just wondering if anyone has onboarded "Ivanti Application Control " logs to Azure Sentinel?

-Log source is on-prem (No cloud presence, neither a connector available in Sentinel)
-Product does not support Syslog or CEF
-To extract logs from central management server you can use a data base query (DbConnect in Splunk World)
OR
-To extract logs from clients you can extract logs from every client in either XML or CSV format

Has anyone on-boarded these logs before or have any suggestions ?
Thank you



257 Views

0 Likes



0 Replies

All Discussions
Previous Discussion
Next Discussion

0 Replies

What's new

Surface Pro X
Surface Laptop 3
Surface Pro 7
Windows 10 Apps
Office apps

Microsoft Store

Account profile
Download Center
Microsoft Store support
Returns
Order tracking
Store locations
Buy online, pick up in store
In-store events

Education

Microsoft in education
Office for students
Office for schools
Deals for students and parents
Microsoft Azure in education

Enterprise

Azure
AppSource
Automotive
Government
Healthcare
Manufacturing
Financial Services
Retail

Developer

Microsoft Visual Studio
Window Dev Center
Developer Network
TechNet
Microsoft developer program
Channel 9
Office Dev Center
Microsoft Garage

Company

Careers
About Microsoft
Company News
Privacy at Microsoft
Investors
Diversity and inclusion
Accessibility
Security

Sitemap
Contact Microsoft
Privacy
Manage cookies
Terms of use
Trademarks
Safety and eco
About our ads
© Microsoft

Products (71)

Special Topics (42)

Video Hub (803)

Most Active Hubs

Most Active Hubs

Video Hub

Onboarding Ivanti Application Control logs to Azure Sentinel

Onboarding Ivanti Application Control logs to Azure Sentinel