avatorus...we are now trying to import logs from Azure environment to a windows server(mcafee utility server) using a script. we are already fetching the logs using that script on a azure vm.we have identified the url and opened port 443 fr the communication to start, but its not working .can you suggest the network requirements or anything else that we need to do in a server outside of azure.
Are you using Azure Log Integration to pull the events? What format are the events in?
we are using a .net script to import logs from azure db.The log is in IIS format. so we are using the below config:
Data source Vendor - Microsoft
Data source Model - IIS
Data Retrieval - CIFS File source
Data format - Default
We can see the logs in a windows folder and in a tcpdump too, but we are not able to see the logs in the console. Any suggestions??
Have you tried setting Support Generic Syslogs to Log "unknown syslog" event under the data source? If the events aren't being parsed this would cause them to show up as 'Unknown' and confirm that it was parsing related.