Veeam App for Microsoft Sentinel 1
User Guide
Search

Before You Begin

Before you install Veeam App for Microsoft Sentinel, do the following:

  • In your Microsoft Azure portal, perform the following steps:
  1. Configure a Microsoft Sentinel workspace that you will use for the app.
  2. Install Microsoft Defender XDR solution for Sentinel from Azure Marketplace. Then, connect your Microsoft Sentinel workspace to the Microsoft Defender portal and select it as a primary workspace. For more information, see this Microsoft article.
  3. Install Syslog solution for Sentinel from Azure Marketplace. Then, install and configure a syslog forwarder on your syslog server. The forwarder will receive data from Veeam Backup & Replication and Veeam ONE servers and send it to Microsoft Sentinel. For more information, see this Microsoft article.

Note

For better performance, it is recommended to use Linux-based syslog server.

  • For each Veeam Backup & Replication instance you plan to use with the app, make sure that you add your syslog server to the Veeam Backup & Replication console. For more information, see Specifying Syslog Servers in the Veeam Backup & Replication User Guide.
  • For each Veeam ONE instance you plan to use with the app, do the following:
    • Configure your syslog server in the Veeam ONE server settings. For more information, see Syslog Integration in the Veeam ONE Monitoring Guide.
    • Configure sending syslog messages for required Veeam ONE alarms. For more information, see Configuring Syslog Alarms in the Veeam ONE Monitoring Guide.
  • To establish connection between Veeam App for Microsoft Sentinel and Veeam servers, configure a server with the Hybrid Connection Manager. For more information, see this Microsoft article.

Note

For better performance, it is recommended to install the Hybrid Connection Manager to a Microsoft Windows-based server.

View all results across Veeam Help Center
Back to document search