The solution provides data connectors and parsers for Linux Audit logs for use with Azure Sentinel.

The audit logs from Linux systems are collected with the NXLog Enterprise Edition agent through a dedicated module.

For additional information on how to set up, configure and collect logs from your Linux systems and send them to your Azure instance, refer to our guide on the following link: https://docs.nxlog.co/userguide/integrate/microsoft-azure-sentinel.html#forwarding-linux-audit-events-to-microsoft-sentinel