cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Secure Tech Accelerator
Apr 13 2023, 07:00 AM - 12:00 PM (PDT)
Microsoft Tech Community
Find out more

Raw logs data in sentinel

yaniys04
New Contributor

‎Dec 19 2020 03:12 AM

‎Dec 19 2020 03:12 AM

Raw logs data in sentinel

I have been exploring sentinel for quite some time now but I'm unable to figure out how to see the raw logs coming out from different sources. We can see it on different SIEM solutions like Qradar/splunk.

To explain better: I wanna see what logs have come in from a specific machine in last 1 hour.

3,057 Views
0 Likes
1 Reply
Reply
1 Reply
Gary Bushey

‎Dec 20 2020 07:31 AM

‎Dec 20 2020 07:31 AM

Re: Raw logs data in sentinel

@yaniys04 I do not believe the raw logs coming via Syslog or CEF are stored anywhere.  You can write your queries to be able to see the information coming from individual machines as long as that information is being passed in.

1 Like
Reply