Sentinel Syslog Forwarder for Multiple device logs

Anonymous
2024-06-10T20:15:37+00:00

Hi All,

Currently I am working on setting up a syslog server configuration for Azure Sentinel.

Sentinel is a new instance; the old one is Splunk. For Splunk syslog we have SC4S, which is on an on-prem VM.

So my question is: can we use the same VM to forward multiple network/server (audit, system and application) logs from the VM via AMA to Sentinel?

If it is possible, what configurations need to be done on the VM (syslog forwarder)? Can someone help me with this?

Thanks in advance.


Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.


1 answer

  1. Anonymous
    2024-06-11T14:22:17+00:00

    Hello Venkata Tejesh Reddy Boreddy,

    Thank you for posting on the Microsoft Community Forums.

    Based on the description, I understand that your issue is related to Azure.

    Since there are no engineers dedicated to Azure in this forum, and in order to deal with your questions quickly and efficiently, I recommend that you repost your questions in the Q&A forum, where there will be a dedicated engineer to provide you with a professional and effective response.

    Here is a link to the Q&A forum: https://learn.microsoft.com/en-us/answers/questions/

    Have a nice day.

    Best regards,

    Lei
