Commit 4d9d24d

committed
fix
1 parent c662c1c commit 4d9d24d

1 file changed

+3
-3
lines changed

articles/sentinel/cef-syslog-ama-overview.md

Lines changed: 3 additions & 3 deletions
@@ -1,8 +1,8 @@
11
---
22
title: Syslog and CEF AMA connectors - Microsoft Sentinel
33
description: Learn how Microsoft Sentinel collects Syslog and Common Event Format (CEF) messages with the Azure Monitor Agent.
4-
author: edbaynash
5-
ms.author: EdB-MSFT
4+
author: EdB-MSFT
5+
ms.author: edbaynash
66
ms.topic: concept-article
77
ms.custom: linux-related-content
88
ms.date: 07/29/2025
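Review bot: The swap of `author` and `ms.author` on lines 4-5 is not explained by the commit message "fix". The new values look right if `author` is meant to hold the GitHub handle and `ms.author` the Microsoft alias (an assumption about this repo's metadata convention), so please say that in the message, for example "Swap author and ms.author front-matter values", so the change can be found later when auditing metadata.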
@@ -72,6 +72,7 @@ The data ingestion process using the Azure Monitor Agent uses the following comp
7272

7373
- Your **Microsoft Sentinel (Log Analytics) workspace:** CEF logs sent here end up in the *CommonSecurityLog* table, and Syslog messages in the *Syslog* table. There you can query the logs and perform analytics on them to detect and respond to security threats.
7474

75+
---
7576

7677
> [!NOTE]
7778
> When ingesting syslog data using a log forwarder and Azure Monitor Agent (AMA), inconsistencies may arise between the `TimeGenerated` and `EventTime` fields.
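Review bot: The `---` added at line 75 now sits between the components list and the `[!NOTE]` about `TimeGenerated` and `EventTime`, so the note is cut off from the ingestion description it qualifies and reads as part of whatever follows. If the rule has to come before the note (for example to close a preceding block), state that in the commit message. Otherwise keep the rule after the note, where it was. Keep the blank line 74 in either case so the rule is not parsed as a heading underline.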
@@ -81,7 +82,6 @@ The data ingestion process using the Azure Monitor Agent uses the following comp
8182
>This can lead to differences between the two fields when the forwarder/collector and the device generating the log are in different time zones.
8283
8384

84-
---
8585

8686
## Setup process to collect log messages
8787

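Review bot: Removing the `---` at old line 84 leaves three consecutive blank lines (new 83-85) between the end of the note and `## Setup process to collect log messages`. Collapse them to a single blank line so the note and the heading are separated consistently with the rest of the file.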