Summary and resources

You should have learned how to send Syslog log data to the Microsoft Sentinel workspace using the provided data connector.

You should now be able to:

  • Describe the Azure Monitor Agent Data Collection Rule (DCR) for Syslog
  • Run the Azure Arc Linux deployment and connection scripts
  • Install and configure the Azure Monitor Linux Agent extension with the Syslog DCR
  • Verify Syslog log data is available in Microsoft Sentinel
  • Create a parser using KQL in Microsoft Sentinel

Learn more

You can learn more by reviewing the following.

Collect Syslog events with Azure Monitor Agent