wwlpublish Connect syslog data sources to Microsoft Sentinel - Training
This module covers configuring Azure Monitor Agent for Syslog data collection on Linux, including installation, setup, and verification of Syslog logs in Microsoft Sentinel. Learners will be able to describe Data Collection Rules, install and configure the necessary extensions, and create KQL parsers for analyzing Syslog data.
‣ Introduction
‣ Plan for syslog data collection
‣ Collect data from Linux-based sources using syslog
‣ Configure the Data Collection Rule for Syslog Data Sources
‣ Parse syslog data with KQL
‣ Knowledge check