title | description | author | ms.topic | ms.date | ms.service | ms.author | ms.collection |
---|---|---|---|---|---|---|---|
[Recommended] FireEye Network Security (NX) via AMA connector for Microsoft Sentinel | Learn how to install the connector [Recommended] FireEye Network Security (NX) via AMA to connect your data source to Microsoft Sentinel. | cwatson-cat | how-to | 10/23/2023 | microsoft-sentinel | cwatson | sentinel-data-connector |

The FireEye Network Security (NX) data connector provides the capability to ingest FireEye Network Security logs into Microsoft Sentinel.
Connector attribute | Description |
---|---|
Log Analytics table(s) | CommonSecurityLog (FireEyeNX) |
Data collection rules support | Azure Monitor Agent DCR |
Supported by | Microsoft Corporation |

Top 10 Sources

```kusto
FireEyeNXEvent
| where isnotempty(SrcIpAddr)
| summarize count() by SrcIpAddr
| top 10 by count_
```

To integrate with [Recommended] FireEye Network Security (NX) via AMA, make sure you have:
- To collect data from non-Azure VMs, they must have Azure Arc installed and enabled.
- Common Event Format (CEF) via AMA and Syslog via AMA data connectors must be installed.
Note
This data connector depends on FireEyeNXEvent, a parser based on a Kusto function, to work as expected. The parser is deployed with the Microsoft Sentinel solution.
- Secure your machine
Make sure to configure the machine's security according to your organization's security policy.
For more information, go to the related solution in the Azure Marketplace.