Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The Cribl connector allows you to easily connect your Cribl (Cribl Enterprise Edition - Standalone) logs with Microsoft Sentinel. This gives you more security insight into your organization's data pipelines.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | CriblAccess_CL CriblAudit_CL CriblUIAccess_CL CriblInternal_CL |
| Data collection rules support | Not currently supported |
| Supported by | Cribl |
Query samples
Cribl Internal Logs
CriblInternal_CL
| sort by TimeGenerated
Cribl Audit Logs
CriblAudit_CL
| sort by TimeGenerated
Cribl Access Logs
CriblAccess_CL
| sort by TimeGenerated
Cribl UI Access Logs
CriblUIAccess_CL
| sort by TimeGenerated
Vendor installation instructions
Installation and setup instructions for Cribl Stream for Microsoft Sentinel
Use the documentation from this GitHub repository and configure Cribl Stream using
https://docs.cribl.io/stream/usecase-azure-workspace/
Next steps
For more information, go to the related solution in the Azure Marketplace.