Hi ArharbiAdnane,
Security Onion supports syslog, so you would pull it into Sentinel like any other syslog source via the OMS agent installed on a linux server.
You can then parse it directly with kql queries to pull out the fields of interest.
reference:
syslog-output.html