question

JuanAraya-3904 asked JamesTran-MSFT answered

How to send MySQL audit logs to Sentinel?

Hi

We have an AWS EC2 instance running a MySQL DB. We would like to send the MySQL audit logs (JSON format) to Azure Sentinel. Is there a connector or process to meet this requirement?

microsoft-sentinel

1 Answer

JamesTran-MSFT answered

@JuanAraya-3904
Thank you for your post!

Unfortunately, I wasn't able to find any connector available within Azure Sentinel that would allow you to connect a MySQL DB directly to a Sentinel workspace. If you'd like this feature to be implemented, I'd recommend submitting a Feature Request to our Azure Sentinel team via their - Resources GitHub page.


I've also reached out to our Azure Sentinel team to see if there are any other processes/routes you can take to meet your requirement. In the meantime, can you share some more details regarding your environment, so I can gain a better understanding of your issue?

  • How're you getting these logs?

  • Are these logs stored within your AWS VM or within Azure?

  • Are you using any other security features such as Azure Security Center with your AWS or MYSQL instance?

Any additional information would be greatly appreciated!



If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.

