Send OCI Logs to Microsoft Azure Sentinel 🪵

I was going through the process of configuring OCI to send audit logs to Microsoft Sentinel using the following walkthrough – https://docs.oracle.com/en/learn/stream-oci-logs-to-azure-sentinel/

When I got the section to configure Azure (Task 5), I ran into an issue – it wasn’t clear exactly what I needed to populate the App Insights Workspace Resource ID setting with as it’s not covered within the documentation 🤔.

This setting can be obtained from the Log Analytics workspace in Azure that is created in Task 4.

Go to Settings > Properties:

Copy the Resource ID and paste this into the App Insights Workspace Resource ID setting.

Once I’d done this, I was able to successfully configure the integration and now have lots of lovely OCI audit logs within Microsoft Sentinel.

Comments

One response to “Send OCI Logs to Microsoft Azure Sentinel 🪵”

March 14, 2025

Ada

lovely

LikeLike

Reply

Send OCI Logs to Microsoft Azure Sentinel 🪵

Comments

One response to “Send OCI Logs to Microsoft Azure Sentinel 🪵”

Leave a comment Cancel reply

More posts

Using tcpdump to troubleshoot network connectivity ❌

Disaster Recovery in OCI using Block Volume Replication 🪄

List all VM Instances within an OCI tenant using PowerShell 💻

Installing a desktop environment on a Linux VM hosted in OCI and making this available using RDP 🖥️

Send OCI Logs to Microsoft Azure Sentinel 🪵

Share this:

Comments

One response to “Send OCI Logs to Microsoft Azure Sentinel 🪵”

Leave a comment Cancel reply

More posts

Using tcpdump to troubleshoot network connectivity ❌

Disaster Recovery in OCI using Block Volume Replication 🪄

List all VM Instances within an OCI tenant using PowerShell 💻

Installing a desktop environment on a Linux VM hosted in OCI and making this available using RDP 🖥️