Hi,
Thanks for posting here.
Please refer this official document of Connect Windows firewall:
https://learn.microsoft.com/en-us/azure/sentinel/connect-windows-firewall
Best regards
Cherry
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello All,
Kindly suggest me how to take the Windows Firewall logs to Sentinel.
Thank You
Hi,
Thanks for posting here.
Please refer this official document of Connect Windows firewall:
https://learn.microsoft.com/en-us/azure/sentinel/connect-windows-firewall
Best regards
Cherry
@Rohit You would need to add a Data connector for windows firewall. Check the screenshot for reference :
Once you add above, you would need to install the agent on either on your Azure Windows Virtual machine or Non-Azure windows machine.
When the agent are installed, you can now install the windows firewall solution for your Sentinel workspace as per following screenshot :
-----------------------------------------------------------------------------------------------------------------
If the suggested response helped you resolve your issue, do click on "Mark as Answer" and "Up-Vote" for the answer that helped you for benefit of the community.