Questions tagged [azure-sentinel]

I am facing issue. We have setup log forwarder for sentinel and logs are frequently coming on /var/log/messages. Actual problem is i have created one script for log rotation and placed it under /etc/logrotate.d/ with name messages.conf below is the…

I have a patterndb config that is parsing pfsense filterlog messages to extract the various fields to send to Azure Sentinel in CEF format, it is largely working fine I need to set the Severity field of my event based upon the firewall action. for…