Denne nettleseren støttes ikke lenger.
Oppgrader til Microsoft Edge for å dra nytte av de nyeste funksjonene, sikkerhetsoppdateringene og den nyeste tekniske støtten.
Windows Firewall is a Microsoft Windows application that filters information coming to your system from the internet and blocking potentially harmful programs. The firewall software blocks most programs from communicating through the firewall. To stream your Windows Firewall application logs collected from your machines, use the Azure Monitor agent (AMA) to stream those logs to the Microsoft Sentinel workspace.
A configured data collection endpoint (DCE) is required to be linked with the data collection rule (DCR) created for the AMA to collect logs. For this connector, a DCE is automatically created in the same region as the workspace. If you already use a DCE stored in the same region, it's possible to change the default created DCE and use your existing one through the API. DCEs can be located in your resources with SentinelDCE prefix in the resource name.
For more information, see the following articles:
This is autogenerated content. For changes, contact the solution provider.
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | ASimNetworkSessionLogs |
| Data collection rules support | Workspace transform DCR |
| Supported by | Microsoft Corporation |
For more information, go to the related solution in the Azure Marketplace.
Opplæring
Modul
Connect Windows hosts to Microsoft Sentinel - Training
Connect Windows hosts to Microsoft Sentinel
Sertifisering
Microsoft Certified: Security Operations Analyst Associate - Certifications
Undersøke, søke etter og redusere trusler ved hjelp av Microsoft Sentinel, Microsoft Defender for Cloud og Microsoft 365 Defender.