Jan 19 2021 02:04 AM - edited Jan 19 2021 03:07 AM
Hi, I would like to know the process for connecting Varonis as a data connector in Sentinel.
I understand from reading this article, Azure Sentinel: The connectors grand (CEF, Syslog, Direct, Agent, Custom and more) - Microsoft Tech ... , that we can connect Varonis through the CEF connector. I have also read the instructions mentioned in the article (Varonis DatAlert App and Technology Add-On for Splunk®).
This is what I understood; can anyone correct me if anything is wrong?
***By this, Varonis alerts/data will be sent to the Syslog server.***
3. Now, we can easily connect from the Syslog server to Sentinel by executing a few commands, which I'm aware of.
Jan 20 2021 03:37 AM
@printscreen Yes, correct. The 2 points you mentioned will be sufficient to connect Varonis to Azure Sentinel, provided you have all the configurations in place on the Syslog server for CEF forwarding.