Veeam App for Microsoft Sentinel 1
User Guide
Search

Configuring Data Collection Rule

To configure a data collection rule for syslog messages sent from Veeam Backup & Replication and Veeam ONE servers, perform the following steps:

  1. Open the Data Connectors section:
  • If you use Microsoft Sentinel in the Microsoft Defender portal, click Microsoft Sentinel > Configuration > Data connectors in the portal menu.
  • If you use Microsoft Sentinel in the Microsoft Azure portal, click Configuration > Data connectors in the workspace menu.
  1. Select Syslog via AMA and click Open connector page.
  2. Click Create data connection rule.
  3. On the Basics tab of the wizard, enter the name of the rule.
  4. On the Resources tab of the wizard, select the machine used as a syslog forwarder.
  5. On the Collect tab of the wizard, do the following:
  1. Select the Collect messages without PRI header (facility and severity) check box.
  2. For the LOG_ALERT, LOG_SYSLOG and LOG_USER facilities, select LOG_DEBUG as the minimum log level.
  1. To review and create the rule, click Review + create.

Configuring Data Collection Rule 

View all results across Veeam Help Center
Back to document search