Microsoft Sentinel SIEM
Step 1: Log into your Azure portal and navigate to Microsoft Sentinel in your subscription.
Step 2: Locate the Log Analytics Workspace associated with Microsoft Sentinel or create one. In the example below, BlueHexagonLogs is the name of the Log Analytics Workspace
Step 3: Navigate to Dashboard → Log Analytics Workspaces and locate the workspace and click to view details
Step 4: Click on Agents management → grab the Workspace ID and either ONE of primary or secondary key and share with your Blue Hexagon representative. Once we enable the connector on our backend alerts should flow into the Log Analytics Workspace. The keys are the same for Windows or Linux servers tabs so either can be used.
Â
Blue Hexagon Proprietary