Recent Blog ArticlesMost RecentMost LikesRe: Forward On-Premises Windows Security Event Logs to Microsoft Sentinel Not aware of a way to do that. Re: Forward On-Premises Windows Security Event Logs to Microsoft Sentinel You defintely can collect via the AMA now, so it will depend on how you want to collect from the endpoints. How to Create an xPath Filter for a Data Collection Rule In the world of data collection, efficiency is key. Just as my miniature schnauzer buddy, Raven, has a knack for sniffing out the most interesting scents while ignoring the mundane, an xPath filter c...Migrating from the Azure MMA to AMA Agent I have another conversation about the sunset of the Microsoft Monitoring Agent (MMA). Back on November 13, 2023 I posted and article on how to do a bulk removal of the Azure MMA agent, but before you...Azure MMA Agent Bulk Removal The Legacy Azure Microsoft Monitoring Agent (MMA) is scheduled for retirement in August 2024. To ensure a smooth transition and prevent duplication of logging data, it is strongly recommended to repl...Re: Azure MMA Agent Bulk Removal The documentation was updated on Friday, August 9, 2024. Archive MDE Data to Event Hubs to ADX Embark on a journey through the digital landscape as we uncover the secrets of exporting data from Defender for Endpoint to Azure Storage. Whether it’s basking in the cloud’s expanse or lying in wait...Re: Archive MDE Data to Event Hubs to ADX Stefanpe, Valid information. It was meant for non-Sentinel users I modify the content on this blog to move to ADX Cluster storage sent via an Azure Event Hub Monitoring for an Azure Server Going Offline Azure Monitor is a beneficial tool that has low costs for logs that are already in the tool. The main expenses for Azure Monitor come from ingesting the logs, so using the monitoring tool for data th...Re: Monitoring for an Azure Server Going Offline Sorry I haven't. I would defer to the support team, since they have most likely spoke to the Product team that is going to be your best source of information.
MicrosoftMicrosoftMicrosoftMicrosoft
