Microsoft Sysmon For Linux Solution

Microsoft Sentinel, Microsoft Corporation

Microsoft Sysmon For Linux

Note: There may be known issues pertaining to this Solution; please refer to them before installing.

Sysmon for Linux provides detailed information about process creations, network connections and other system events. The Sysmon for Linux connector uses Syslog as its data ingestion method. This solution depends on ASIM to work as expected. Deploy ASIM to get the full value from the solution.

Underlying Microsoft Technologies used:

This solution takes a dependency on the following technologies, some of which may be in Preview state or may result in additional ingestion or operational costs:

a. Agent-based log collection (Syslog)

Data Connectors: 1
