共用方式為


How to get Azure Log Information into your on-premises SIEM

imageAzure IaaS and PaaS services generate a ton of information that you can use to improve your overall security posture.

The age old problem is getting to all that information and bringing into a single system so that you can crunch it. If you can crunch it, you can turn data into information and convert information into knowledge. With that knowledge you can take decision actions to improve your prevention, detection and response processes.

How do you do that when you have to bring in:

  • Azure Diagnostics for Linux VMs
  • Azure Diagnostics for Windows VMs
  • Logs from virtual appliances, such as web application firewalls
  • Logs from on-premises resources
  • Azure Audit Logs
  • Azure Security Center Alerts

The answer is Azure Log Integration! You can use Azure Log Integration to bring all this information into your own SIEM (on-premises or in the cloud). Get started today!

Introduction to Azure Log Integration (Preview)

Remember that Azure Log Integration is in public preview, so your feedback is super important to us! If you have problems, questions, concerns, or praise, let us know in the Comment section below.

Thanks!

Tom

Tom Shinder
Program Manager, Azure Security
@tshinder | Facebook | LinkedIn | Email | Web | Bing me! | GOOG me!

image