This article explains how to connect your <> appliance to Microsoft Sentinel. The <> data connector allows you to easily connect your <> logs with Microsoft Sentinel, to view dashboards, create custom alerts, and improve investigation. <>. Integration between <> and Microsoft Sentinel makes use of Syslog.
Note
Data will be stored in the geographic location of the workspace on which you are running Azure Sentinel.
Configure <> to forward Syslog messages to your Azure workspace via the Syslog agent.
- In the Azure portal, navigate to Microsoft Sentinel > Data connectors and then select the <> connector.
- Select Open connector page.
- Follow the instructions on the <> page.
After a successful connection is established, the data appears in Log Analytics under Syslog.
It may take upwards of 20 minutes until your logs start to appear in Log Analytics.
In this document, you learned how to connect <> to Microsoft Sentinel. To learn more about Microsoft Sentinel, see the following articles:
- Learn how to get visibility into your data, and potential threats.
- Get started detecting threats with Microsoft Sentinel.
- Use workbooks to monitor your data.
### Install as a solution (Preview)
Include this section if you are planning on publishing your data connector as a Microsoft Sentinel solution. Microsoft Sentinel solutions provide an in-product experience for central discoverability, single-step deployment, and enablement of end-to-end product and/or domain and/or vertical scenarios in Microsoft Sentinel. For example, use solutions to deliver your data connector packaged with related analytics rules, workbooks, playbooks, and more.
- When relevant, add instructions for installing your solution, either from the Azure Marketplace, or from the Microsoft Sentinel content hub.
- If your solution is being published to the content hub, also open a PR to have it listed in our content hub catalog. On the docs page, click Edit to open your PR.
For more information, see the Microsoft Sentinel solution overview and our Guide to Building Microsoft Sentinel Solutions.