Bendrinti naudojant


[Deprecated] Syslog connector for Microsoft Sentinel

Important

Log collection from many appliances and devices is now supported by the Common Event Format (CEF) via AMA, Syslog via AMA, or Custom Logs via AMA data connector in Microsoft Sentinel. For more information, see Find your Microsoft Sentinel data connector.

Syslog is an event logging protocol that is common to Linux. Applications will send messages that may be stored on the local machine or delivered to a Syslog collector. When the Agent for Linux is installed, it configures the local Syslog daemon to forward messages to the agent. The agent then sends the message to the workspace. For more information, see the Microsoft Sentinel documentation.

Note

Container Insights now supports the automatic collection of Syslog events from Linux nodes in your AKS clusters. To learn more, see Syslog collection with Container Insights.

This is autogenerated content. For changes, contact the solution provider.

Connector attributes

Connector attribute Description
Log Analytics table(s) Syslog
Data collection rules support Workspace transform DCR
Supported by Microsoft Corporation

Next steps

For more information, go to the related solution in the Azure Marketplace.