Connect Common Event Format logs to Microsoft Sentinel

Most vendor-provided connectors utilize the CEF connector. Learn about the Common Event Format (CEF) connector's configuration options.

Security Operations Analyst
Azure
Log Analytics
Microsoft Sentinel

Module Objectives

Upon completion of this module, the learner will be able to:

  • Explain the Common Event Format connector deployment options in Microsoft Sentinel
  • Run the deployment script for the Common Event Format connector

Prerequisites

  • Basic knowledge of operational concepts such as monitoring, logging, and alerting
  • Basic knowledge of Linux