This installment is part of a broader series to keep you up to date with the latest features in Microsoft Sentinel. The installments will be bite-sized to enable you to easily digest the new content.
Note: The Log Analytics agent is sometimes referred to as the OMS Agent or the Microsoft Monitoring Agent (MMA).
We’ve made some improvements to the Log Analytics agent that will make it even easier and more flexible for you to use across a wider range of platforms.
If you’re unfamiliar with this product, the Azure Log Analytics agent collects telemetry from Windows and Linux virtual machines in any cloud, on-premises machines, and those monitored by System Center Operations Manager, and sends the collected data to your Log Analytics workspace. You can read more about it here. You can also read the release notes for the agent here.
In Microsoft Sentinel, it can be used to facilitate the sending of the following events to your workspace:
Windows Security events
Common Event Format (CEF) logs
Windows Firewall logs
Support for new operating systems
The Log Analytics agent can now be installed on an even wider range of Linux distros. We recently added support for:
Probably even more anticipated than our expanded OS support, we are happy to announce that starting from Agent version 1.13.27, the Linux Log Analytics Agent will support both Python 2 and 3. This means that customers now have the option to use whatever Python version they prefer (or whatever comes by default on their machine). This works both for a direct install of the agent and when installing as part of the CEF log forwarder.
Get started today!
Try out the new connector and let us know your feedback using any of the channels listed in the Resources.