Is there any support for setting up a connector to ingest data into McAfee SIEM from Azure Sentinel? We are exploring 2 options:
- sending data to Event Hubs and subscribing the McAfee SIEM to them. This is the only way I can find documented by McAfee thus far
- aggregating Azure logs into Azure Sentinel and creating a connector somehow to allow the McAfee SIEM to ingest them. This could be simpler if possible, and cheap depending on amount of logging and retention in Sentinel.
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.