Showing results for 
Show  only  | Search instead for 
Did you mean: 
Level 7
Report Inappropriate Content
Message 1 of 1

Integration with Azure

Hi All

Is there any recommendation on integrating SIEM with Azure, what are best practices?

Do I need to have Receiver in Azure which forwards event to the on prem SIEM?

Does adding the  Microsoft Azure Event Hub sufficient enough for all logs from Azure?

What are the pro's and con's?

Do I add individual Azure devices into SIEM? For eg. I have Firewalls in Azure - the logs go to the Azure Event hub and then sent to SIEM? 

or the Firewall is added directly into SIEM?

What happens to parsers - how does SIEM log data from event hub?

Microsoft does not have official support from Mcafee so any one who has implemented this solution or or in the same boat as me could perhaps comment !


You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community