What’s new: Improvements to the Log Analytics Agent

by Azure Sentinel News Editor
December 18, 2020
in Security and Compliance

This installment is part of a broader series to keep you up to date with the latest features in Azure Sentinel. The installments will be bite-sized to enable you to easily digest the new content. 

Note: The Log Analytics agent is sometimes referred to as the OMS Agent or the Microsoft Monitoring Agent (MMA). 

We’ve made some improvements to the Log Analytics agent that make it even easier and more flexible to use across a wider range of platforms.

If you’re unfamiliar with this product, the Azure Log Analytics agent collects telemetry from Windows and Linux virtual machines in any cloud, from on-premises machines, and from machines monitored by System Center Operations Manager, and sends the collected data to your Log Analytics workspace. You can read more about it here. You can also read the release notes for the agent here.

In Azure Sentinel, it can be used to facilitate the sending of the following events to your workspace: 

  • Windows Security events 
  • Syslog 
  • Common Event Format (CEF) logs 
  • Windows Firewall logs
  • DNS logs
  • IIS logs
  • Network connections

Support for new operating systems 

The Log Analytics agent can now be installed on an even wider range of Linux distros. We recently added support for: 

  • CentOS 8 
  • RedHat 8 
  • SUSE Linux 15 

Click here to see the full list of supported OSs.

Support for Python 3 

Probably even more anticipated than our expanded OS support, we are happy to announce that starting from Agent version 1.13.27, the Linux Log Analytics Agent supports both Python 2 and 3. This means that customers now have the option to use whatever Python version they prefer (or whatever comes by default on their machine). This works both for a direct install of the agent and when installing as part of the CEF log forwarder.
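As an added pre-flight check (not part of the original post or the agent itself), the POSIX shell snippet below gates the choice of interpreter on the 1.13.27 threshold stated above: a host whose agent is older must keep running the install and CEF forwarder scripts with Python 2. The `omsagent` package name and the rpm/dpkg queries used to read the installed version are assumptions about how the agent is packaged.

```shell
#!/bin/sh
# Minimum Linux Log Analytics agent version with Python 3 support (from the post).
MIN_PY3_AGENT="1.13.27"

# version_ge A B: return 0 when dotted version A >= B. A trailing package
# release suffix such as "-0" is ignored; missing components count as 0.
version_ge() {
    a=${1%%-*}; b=${2%%-*}
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -gt "${y:-0}" ] && return 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 1
        a=${a#"$x"}; a=${a#.}
        b=${b#"$y"}; b=${b#.}
    done
    return 0
}

# installed_agent_version: read the omsagent package version via rpm or dpkg.
# Assumption: the agent is installed as a package named "omsagent".
installed_agent_version() {
    if command -v rpm >/dev/null 2>&1; then
        rpm -q --qf '%{VERSION}' omsagent 2>/dev/null && return 0
    fi
    if command -v dpkg-query >/dev/null 2>&1; then
        dpkg-query -W -f='${Version}' omsagent 2>/dev/null && return 0
    fi
    return 1
}

# pick_python AGENT_VERSION: print the interpreter to run the agent/CEF
# installer scripts with. Python 3 is only offered once the agent is at or
# above MIN_PY3_AGENT; otherwise fall back to Python 2. Fails if neither fits.
pick_python() {
    if version_ge "$1" "$MIN_PY3_AGENT" && command -v python3 >/dev/null 2>&1; then
        echo python3
    elif command -v python2 >/dev/null 2>&1; then
        echo python2
    else
        return 1
    fi
}
```

Typical use on a forwarder: `ver=$(installed_agent_version) && py=$(pick_python "$ver") && echo "run installers with $py"`.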

Get started today! 

Try out the new connector and let us know your feedback using any of the channels listed in the Resources. 

You can also contribute new connectors, workbooks, analytics and more in Azure Sentinel. Get started now by joining the Azure Sentinel Threat Hunters GitHub community and follow the guidance. 

With thanks to @Jeremy Tan, @Chi_Nguyen and @Ofer_Shezaf for their inputs on this blog post.

Reference: https://techcommunity.microsoft.com/t5/azure-sentinel/what-s-new-improvements-to-the-log-analytics-agent/ba-p/1983735

Copyright © 2020 - Azure Sentinel News