azure:azure_sentinel

This is an old revision of the document!

Azure Sentinel

Quick-n-Dirty

  • Azure Monitor Agent (AMA), collects monitoring data from VMs and sends it to Azure Monitor
  • For non-Azure VMs to be integrated with Sentinel they need to be have the Azure Arc agent installed, which makes them Arc-enabled.
  • Azure Arc agent is also called the Azure Connected Machine agent.
    • This agent does not replace the Azure Log Analytics agent, it works in conjunction with it.
    • How does it relate to the Azure Monitoring Agent?
  • https://docs.microsoft.com/en-us/azure/azure-arc/servers/agent-overview

To Explore

  • azure/azure_sentinel.1632162425.txt.gz
  • Last modified: 2021/09/20 18:27
  • by mmuze