Hi Experts,
If I set up a CEF log forwarder in the on-premise environment with limited access, it will send the log to Sentinel.
How many IP addresses or Domains that I need to allow in the firewall policy?
From my understanding, Microsoft Sentinel is on top of other Services such as Azure Monitor.
IP addresses used by Azure Monitor - Azure Monitor | Microsoft Learn
Do I need to allow all the IP addresses used by Azure Monitor?
@CyrilChu Check out this link, this should help you
Download Azure IP Ranges and Service Tags – Public Cloud from Official Microsoft Download Center
For the Microsoft Sentinel IP ranges they are enclosed within that list (theres a list for Azure Sentinel), check it out 