I need a guide to configure Solaris v10 devices to forward logs to Azure Sentinel

Singh, Sushmita[Non-Employee] 6 Reputation points
2021-09-10T10:52:29.587+00:00

I need a guide to configure Solaris v10 devices to forward logs to Azure Sentinel. Can someone please help me with steps/documentation?

Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.

1 answer

  1. VipulSparsh-MSFT 16,231 Reputation points Microsoft Employee
    2021-09-10T11:07:32.58+00:00

    @Singh, Sushmita[Non-Employee] Thanks for reaching out.

    For sending the Linux logs to Sentinel, you have 2 options:

    1) Install the Log Analytics agent on your machine and have it forward the logs to your workspace.

    2) For some device types that don't allow local installation of the Log Analytics agent, the agent can be installed instead on a dedicated Linux-based log forwarder. The originating device must be configured to send Syslog events to the Syslog daemon on this forwarder instead of the local daemon.

    Read more information for detailed steps: https://learn.microsoft.com/en-us/azure/sentinel/connect-syslog

    -----------------------------------------------------------------------------------------------------------------

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

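The answer above describes option 2 (a dedicated Linux forwarder) only at the architecture level. The script below is an added example, not part of the original question or answer and not Microsoft's own tooling: it generates the two configuration fragments that option requires and checks the one Solaris-specific pitfall a practitioner hits first. Solaris 10 ships the legacy syslogd, which reads /etc/syslog.conf, requires a literal tab (not spaces) between the selector and the action, and forwards only over UDP/514, so the forwarder must accept UDP. The forwarder address 10.0.0.5 and the selector `*.info` are placeholders; the local port 25224 is the syslog listener the Log Analytics agent uses on the forwarder according to the linked connect-syslog document, and the agent normally writes that last rsyslog rule itself from the facilities selected in the workspace, so treat it as an assumption to verify on your host rather than something to add by hand.

```shell
#!/bin/sh
# Added example for the "dedicated Linux forwarder" option in the answer above.
# Not from the original page. Assumptions: forwarder IP 10.0.0.5 (placeholder),
# selector *.info (placeholder), and that the Log Analytics agent on the
# forwarder listens for syslog on 127.0.0.1 UDP 25224 (per the linked document).

# Print the line to append to /etc/syslog.conf on each Solaris 10 host.
# Solaris syslogd requires a TAB between selector and action; a space-separated
# line is rejected when syslogd restarts (svcadm restart svc:/system/system-log).
# The legacy syslogd sends over UDP/514 only, so the forwarder must accept UDP.
solaris_syslog_conf() {
    forwarder="$1"
    selector="${2:-*.info}"
    printf '%s\t@%s\n' "$selector" "$forwarder"
}

# Return 0 if a single syslog.conf line uses a tab separator, 1 otherwise.
has_tab_separator() {
    line="$1"
    tab=$(printf '\t')
    case "$line" in
        *"$tab"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Validate a whole candidate /etc/syslog.conf read from stdin: every line that
# is not blank and not a comment must contain a tab. Prints offenders, returns 1
# if any were found, 0 otherwise. Run before restarting the Solaris syslogd.
validate_syslog_conf() {
    bad=0
    tab=$(printf '\t')
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            ''|'#'*) continue ;;
            *"$tab"*) ;;
            *) printf 'missing tab separator: %s\n' "$line"; bad=1 ;;
        esac
    done
    return $bad
}

# Print the rsyslog drop-in for the Linux forwarder: listen on UDP/514 for the
# Solaris hosts and hand everything to the agent's local listener (assumed port).
rsyslog_forwarder_conf() {
    cat <<'EOF'
# /etc/rsyslog.d/10-solaris-forwarder.conf on the Linux forwarder
# Solaris 10 syslogd cannot use TCP, so a UDP listener is mandatory.
module(load="imudp")
input(type="imudp" port="514")
# Log Analytics agent local syslog listener (assumed: 127.0.0.1 UDP 25224).
# The agent usually writes an equivalent rule itself from the workspace's
# facility selection; keep only one copy to avoid duplicate events.
*.* @127.0.0.1:25224
EOF
}

# Stand-alone usage: show the two fragments and validate a sample syslog.conf.
if [ "${1:-}" = "demo" ]; then
    echo "--- Solaris /etc/syslog.conf line ---"
    solaris_syslog_conf 10.0.0.5
    echo "--- rsyslog drop-in for the forwarder ---"
    rsyslog_forwarder_conf
    echo "--- validation of a space-separated line (should fail) ---"
    printf '*.info @10.0.0.5\n' | validate_syslog_conf || echo "validation failed as expected"
fi
```

After applying the fragments, send a test message from the Solaris host with `logger -p local0.info "sentinel forwarding test"` and confirm it arrives on the forwarder (for example with `tcpdump -n udp port 514`) before looking for it in the workspace's Syslog table; a message that never reaches the forwarder is almost always the tab or UDP issue above, or a firewall between the two hosts, not a Sentinel problem.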