How to forward multiple NSG ( different subsciption) logs to LogAnalystics workspace

JILIN MR 26 Reputation points
2022-04-20T14:54:39.647+00:00

Scenario:

Currently, log Log Analytics workspace and azure sentinel are the same subscriptions. The requirement is all NSG logs ( different subscriptions and different locations) need to forward into existing Log Analytics workspace. Kindly suggest how can we forward

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,811 questions
Azure Policy
Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
798 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,199 questions
Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
986 questions
0 comments
Accepted answer
  1. Andrew Blumhardt 9,496 Reputation points Microsoft Employee
    2022-04-20T15:52:57.143+00:00

    This is best set using Azure policy. You should have a definition called "Configure diagnostic settings for Azure Network Security Groups to Log Analytics workspace".

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest