![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 41%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGH%3C/text%3E%3C/svg%3E)
1,295 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 4%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Hello @Georges Hayek ,
Welcome to Microsoft Q&A again and thank you for posting your questions here.
For a clarity, you were asking, if possible and if it is feasible for you to configure multiple data connectors on the same linux cef forwarder,
Absolutely Yes! Using multiple data connectors for a table required more work out-of-the-box experience. To start with if you will want to forward multiple logs to Microsoft Sentinel workspace for the purpose of CEF forwarder.
You'll need to designate and configure a Linux machine that will collect the logs from your devices and forward them to your Microsoft Sentinel workspace. This machine can be a physical or virtual machine in your on-premises environment, an Azure VM, or a VM in another cloud. This machine has two components that take part in this process: A syslog daemon, either rsyslog or syslog-ng, that collects the logs. The Log Analytics Agent (also known as the OMS Agent), that forwards the logs to Microsoft Sentinel.
Also, to configure multiple data connectors for a table, you can use Excel to create and edit connections to external data sources that are stored in a workbook or in a connection file. You can easily manage these connections, including creating, editing, and deleting them using the current Queries & Connections pane or the Workbook Connections dialog box (available in previous versions)
The best examples are discussed in the following links:
- Deploy a log forwarder to ingest Syslog and CEF logs to Microsoft Sentinel.
- Create, edit, and manage connections to external data.
I hope this is helpful! You can vote for this answer if you found it useful.
PS: Do not hesitate to let me know if you have any other questions.
Best Regards,
Sina Salam