You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/api-dcr-reference.md
+4-2Lines changed: 4 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -29,14 +29,16 @@ PUT https://management.azure.com/subscriptions/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeee
29
29
30
30
#### Syslog/CEF DCR creation request body
31
31
32
-
The following is an example of a DCR creation request. For each stream—you can have several in one DCR—change the value of the `"Streams"` field according to the source of the messages you want to ingest:
32
+
The following is an example of a DCR creation request. For each data source stream—you can have several in one DCR—add a new subsection under `"syslog"` in the `"dataSources"` section and set the value of the `"streams"` field according to the source of the messages you want to ingest:
33
33
34
-
| Log source |`"Streams"` field value |
34
+
| Log source |`"streams"` field value |
35
35
| --- | --- |
36
36
|**Syslog**|`"Microsoft-Syslog"`|
37
37
|**CEF**|`"Microsoft-CommonSecurityLog"`|
38
38
|**Cisco ASA**|`"Microsoft-CiscoAsa"`|
39
39
40
+
See the example of multiple streams sections in the following code sample:
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments