Azure Log Integration announcement
The Azure Log Integration feature will be deprecated by June 01, 2019.
AzLog downloads will be disabled by June 27, 2018 - no new downloads after this date.
For guidance on using Azure Monitor to integrate Azure logs with SIEM tools, review the official blog post: https://azure.microsoft.com/blog/use-azure-monitor-to-integrate-with-siem-tools/
Hey everyone!
Welcome to the Azure Log Integration forum!
Here you can ask questions about configuration, troubleshooting, capabilities and just about anything else you want to ask!
We will monitor this forum and provide answers when we have them. We hope that the community will be a powerful force to help one another though, as often you come up with solutions before we do! :-)
Looking forward to working with all of you!
Thanks!
Tom
0 Votes
Difference between xxxJson and xxxJsonLD folders
Hi, all. I feel like this is a very stupid, basic question but I haven't found anything in the docs to answer my question. I've got AzLog writing JSON files to the AzureResourceManagerJson and ...
Answered | 2 Replies | 1139 Views | Created by Brian H Laws - Friday, June 15, 2018 4:29 PM | Last reply by Brian H Laws - Monday, June 18, 2018 8:03 PM
0 Votes
Want to monitor SQL logs and consume in SIEM using Azure Log Integrator
One of my customers is using SIEM to consume and analyze Azure IaaS VM logs in on-premise. Currently they are looking for how to get SQL db logs (hosted in Azure VM) in existing SIEM ...
Proposed | 2 Replies | 1073 Views | Created by pawan_kumar_das - Thursday, February 15, 2018 8:14 AM | Last reply by pawan_kumar_das - Wednesday, May 16, 2018 6:21 AM
0 Votes
Active Directory Azure log Integration with Splunk
Dear I would like current information on how to integrate Azure's Active Directory logs with ...
Answered | 1 Replies | 976 Views | Created by James_Hell - Wednesday, April 25, 2018 12:49 PM | Last reply by Femisulu - Sunday, April 29, 2018 12:03 AM
0 Votes
Azure AD logs - Hp Arcsight - storage requirement
The Microsoft documentation seems to indicate an Azure storage account is required. I do not use VMs and Azure storage. I only use Azure AD and want to integrate the Azure AD logs with ...
Proposed | 3 Replies | 998 Views | Created by soloman00 - Tuesday, February 27, 2018 3:44 PM | Last reply by Femisulu - Wednesday, March 28, 2018 10:56 AM
0 Votes
Azure AD & ArcSight Integration
We are attempting to get the Security Alerts and Azure AD events into ArcSight. We do not have any VMs in the Azure Cloud. We do have Office 365 and ATP. Both of these produce ...
Unanswered | 2 Replies | 1752 Views | Created by KimGraham - Tuesday, June 20, 2017 6:17 PM | Last reply by Femisulu - Wednesday, March 28, 2018 10:15 AM
2 Votes
Azure Log Integration issue sending to SysLog
Get-AzLogEventDestination Name : QRadarConsole1 Type : ...
Unanswered | 5 Replies | 1729 Views | Created by Brian Mahle - Friday, November 17, 2017 9:26 PM | Last reply by Zathaz - Thursday, March 15, 2018 8:57 PM
0 Votes
Can Azure Log be used in store and analyze custom application logs?
Can I integrate log files from the log4J and log4Net to the Azure Log? What tool can I use to search and analyze these logs?
Proposed | 1 Replies | 685 Views | Created by Hao Gu - Thursday, January 18, 2018 4:23 PM | Last reply by Femisulu - Wednesday, February 28, 2018 8:28 PM
0 Votes
Azure Log integration to syslog
Azure Log integrator VM > Symantec Log collector VM > Symantec SOC service (external) Is this possible?
Answered | 2 Replies | 1005 Views | Created by Mark Bedford - Sunday, January 28, 2018 11:52 PM | Last reply by Mark Bedford - Wednesday, February 21, 2018 10:21 PM
0 Votes
How to use Event Log (Write in Event Viewer) in Azure?
I created a WebApplication MVC to write log in Azure. This is my controller: using System.Diagnostics; public ActionResult ...
Unanswered | 1 Replies | 1068 Views | Created by NguyenSinh - Friday, February 2, 2018 9:42 AM | Last reply by AjayKumar-MSFT - Friday, February 2, 2018 8:52 PM
0 Votes
Azure AD audit logs
Can Azure Log Integrator collect Azure AD audit logs (such as, directory role assignment changes)? Thanks!
Answered | 1 Replies | 695 Views | Created by Sebastián Spinetti - Monday, December 11, 2017 7:47 PM | Last reply by Sebastián Spinetti - Monday, December 11, 2017 7:59 PM
1 Votes
Problems installing Azure Log Integration
Hi, I've been trying to install Azure Log Integration now on multiple OS (Windows 10, Windows Server 2016 and Windows Server 2012 R2) but the installation always stops at the same ...
Unanswered | 2 Replies | 1140 Views | Created by JulianGConsecur - Monday, September 11, 2017 12:47 PM | Last reply by mikebenko - Tuesday, October 24, 2017 3:26 PM
0 Votes
DataLake -> StorageAccount -> Azure Log Integration
It would appear that Azure Log Integrator looks in the azure storage tables directories for diagnostics logs which is fine for many resources. However, when configuring data lake store to write ...
0 Votes
Log File Location
Hi The service by default is creating log files under c:\users\azlog ... i.e. the AzLog User Profile directory. We have way more disk space on a data partition and ...
0 Votes
MFA on-premise and ArcSight.
When using MFA on-premise (https://docs.microsoft.com/en-us/azure/multi-factor-authentication/multi-factor-authentication-get-started-server) we are not able to get the client ip ...
0 Votes
how to use azlog createzureid without passwords?
I'm following https://docs.microsoft.com/en-us/azure/security-center/security-center-integrating-alerts-with-log-integration When I run azlog createazureid, it prompts for a ...
0 Votes
azlog schema/field documentation
Hello, is there a complete list of fields and their descriptions that can come from logs received by the azlog tool? Similar ...
Unanswered | 4 Replies | 1096 Views | Created by nsitajes - Tuesday, May 9, 2017 9:09 AM | Last reply by Rob Martin [MSFT] - Thursday, June 8, 2017 12:12 PM
0 Votes
Encountering error: Unexpected exception in worker thread - System.NullReferenceException
Unable to see forwarded events at the \Users\azlog\AzureResourceManagerJson and \Users\azlog\AzureResourceManagerJson upon checking this error was seen. Kindly help in ...
Unanswered | 1 Replies | 1045 Views | Created by VD2000 - Friday, June 2, 2017 2:35 PM | Last reply by Thomas W Shinder - MSFT - Wednesday, June 7, 2017 12:16 PM
0 Votes
How do I log from Azure to an external program?
I need a system which reads new log entries from an azure function and outputs them to a logging program like SUMO Logic. This system needs to run outside of the azure function so as to increase ...
Answered | 1 Replies | 1013 Views | Created by cpdances - Tuesday, May 9, 2017 6:28 AM | Last reply by Thomas W Shinder - MSFT - Tuesday, May 9, 2017 2:54 PM
0 Votes
Service Principal credentials vs Azure user credentials in Azure Log Integration
On https://docs.microsoft.com/en-us/azure/security/security-azure-log-integration-ad it describes using the azlog createazureid to create a Service Principal for the AZ Log Integration. Am I ...
Answered | 1 Replies | 1045 Views | Created by Simon-Turner - Thursday, April 27, 2017 9:48 AM | Last reply by Thomas W Shinder - MSFT - Monday, May 8, 2017 8:39 PM
0 Votes
Is it necessary to pull logs from at least one VM to be able to pull Azure AD logs?
The article on log integration for Azure AD (https://docs.microsoft.com/en-us/azure/security/security-azure-log-integration-ad) says that "You must have successfully completed the ...
Unanswered | 1 Replies | 893 Views | Created by Simon-Turner - Thursday, April 27, 2017 9:51 AM | Last reply by Thomas W Shinder - MSFT - Monday, May 8, 2017 7:51 PM