Microsoft Sentinel SIEM

Step 1: Log into your Azure portal and navigate to Microsoft Sentinel in your subscription.

Step 2: Locate the Log Analytics Workspace associated with Microsoft Sentinel or create one. In the example below, BlueHexagonLogs is the name of the Log Analytics Workspace

Open

Step 3: Navigate to Dashboard → Log Analytics Workspaces and locate the workspace and click to view details

Open

Step 4: Click on Agents management → grab the Workspace ID and either ONE of primary or secondary key and share with your Blue Hexagon representative. Once we enable the connector on our backend alerts should flow into the Log Analytics Workspace. The keys are the same for Windows or Linux servers tabs so either can be used.