Windows Security Events via AMA connector for Microsoft Sentinel
You can stream all security events from the Windows machines connected to your Microsoft Sentinel workspace using the Windows agent. This connection enables you to view dashboards, create custom alerts, and improve investigation. This gives you more insight into your organization’s network and improves your security operation capabilities.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
Connector attribute | Description |
---|---|
Log Analytics table(s) | SecurityEvent |
Data collection rules support | Azure Monitor Agent DCR |
Supported by | Microsoft Corporation |