End-to-End Configuring a RHEL 8 Common Event Format Forwarder for Sentinel

Update 2021-01-13 9:15 AM CST: Added additional resources at the end of the article.

Update 2021-03-23 2:31 PM CDT: Added additional firewall configuration for port 514 and additional SELinux configuration.

Azure Sentinel is Microsoft's cloud-native SIEM/SOAR. While being cloud-native means that there is little to no configuration required to ingest a variety of log sources, …