How to get Azure Log Information into your on-premises SIEM
Azure IaaS and PaaS services generate a ton of information that you can use to improve your overall security posture.
The age-old problem is getting to all that information and bringing it into a single system so that you can crunch it. If you can crunch it, you can turn data into information and convert information into knowledge. With that knowledge you can take decisive action to improve your prevention, detection and response processes.
How do you do that when you have to bring in:
- Azure Diagnostics for Linux VMs
- Azure Diagnostics for Windows VMs
- Logs from virtual appliances, such as web application firewalls
- Logs from on-premises resources
- Azure Audit Logs
- Azure Security Center Alerts
The answer is Azure Log Integration! You can use Azure Log Integration to bring all this information into your own SIEM (on-premises or in the cloud). Get started today!
Introduction to Azure Log Integration (Preview)
- Download the Azure Log Integration .msi file to install on your log integration machine
- Get started with Azure Log Integration (Preview)
- Integrate Azure Log Integration with popular on-premises SIEMs
- Integrate Azure Security Center alerts with Azure Log Integration
- Check out the Azure Log Integration FAQ
- Learn about new features for Azure diagnostics and Azure Audit Logs
Remember that Azure Log Integration is in public preview, so your feedback is super important to us! If you have problems, questions, concerns, or praise, let us know in the Comment section below.
Thanks!
Tom
Tom Shinder
Program Manager, Azure Security
@tshinder