Azure Sentinel Stream integration using AMA

This article provides detailed instructions for deploying and configuring the Vectra Stream app for Azure Sentinel for use with the Microsoft Azure Monitor Agent.

Vectra AI Stream for Microsoft Azure Sentinel v1.0 uses the Microsoft OMS (Log Analytics) agent to collect event data from Vectra and send it to a Log Analytics workspace. This agent is scheduled for end-of-life on August 31, 2024, and is replaced by the Azure Monitor Agent (AMA). This document explains how to configure Microsoft AMA to ingest Vectra network telemetry (aka metadata) into Microsoft Azure Sentinel Log Analytics.

This document applies both to environments where pre-existing deployments must migrate from OMS to AMA and to new deployments starting with AMA.

Please look to the right of this article to access the PDF document Stream-Sentinel-AMA-Configuration-Guide.pdf which contains the detailed instructions.
