Jan 13 2022 02:56 AM
Hello everybody, I'd like to understand whether there is any way in Azure Sentinel to extract the raw logs, without any parsing or normalization, for example a full syslog like the following one and not the table with already extracted fields (EventTime, Facility, SeverityLevel, Hostname, SyslogMessage):
<34>1 2020-10-11T22:14:15.003Z host.domain - example message
Thank you in advance for any hint.
Jan 13 2022 11:58 AM