Sep 10 2019
- last edited on
Dec 23 2021
Can we use exported Syslog data to connect with sentinel?
I have portion of my syslog data, which i want to integrate with Sentinel. As i don't want to install sentinel agent directly on my production syslog server.
Can Syslog agent can read the data from exported file?
Sep 10 2019 09:27 AM
@dileepjk you have to install the agent OR write something to upload the file to the log analytics API. if you write something it will end up in a custom log vs CommonSecurityLog