Update unified-connector-syslog-device.md

guywi-ms · guywi-ms · commit be1501171e87 · 2025-06-25T12:11:34.000+03:00
diff --git a/articles/sentinel/unified-connector-syslog-device.md b/articles/sentinel/unified-connector-syslog-device.md
@@ -71,7 +71,8 @@ This data connector was developed using Cisco Stealthwatch version 7.3.2
 >
 > Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.
 >
-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **CiscoUCS**. Alternatively, directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Cisco%20UCS/Parsers/CiscoUCS.yaml). It might take about 15-minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **CiscoUCS**. Alternatively, directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Cisco%20UCS/Parsers/CiscoUCS.yaml). It might take about 15-minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 
 ## Cisco Web Security Appliance (WSA)
 
@@ -94,7 +95,8 @@ Configure Citrix ADC (former NetScaler) to forward logs via Syslog.
 For more information, see the [Citrix ADC (former NetScaler) documentation](https://docs.netscaler.com/).
 
 > [!NOTE]
-> The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed  as part of the solution installation. To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **CitrixADCEvent**. Alternatively, you can directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Citrix%20ADC/Parsers/CitrixADCEvent.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed  as part of the solution installation. To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **CitrixADCEvent**. Alternatively, you can directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Citrix%20ADC/Parsers/CitrixADCEvent.yaml). It might take about 15 minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 >
 > This parser requires a watchlist named `Sources_by_SourceType`.
 >
@@ -165,7 +167,8 @@ This data connector was developed using Forescout Syslog Plugin version: v3.6
 > [!NOTE]
 > The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed  as part of the solution installation.
 >
-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **Infoblox**. Alternatively, you can directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Infoblox%20NIOS/Parsers/Infoblox.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **Infoblox**. Alternatively, you can directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Infoblox%20NIOS/Parsers/Infoblox.yaml). It might take about 15 minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 > 
 > This parser requires a watchlist named **`Sources_by_SourceType`**.
 >
@@ -250,7 +253,8 @@ Complete the following steps.
 >
 > Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.
 > 
-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **PulseConnectSecure**. Alternatively, directly load the [function code](https://aka.ms/sentinel-PulseConnectSecure-parser). It might take about 15 minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **PulseConnectSecure**. Alternatively, directly load the [function code](https://aka.ms/sentinel-PulseConnectSecure-parser). It might take about 15 minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 
 ## RSA SecurID
 
@@ -262,7 +266,8 @@ Complete the following steps to get RSA® SecurID Authentication Manager logs in
 >
 > Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.
 >
-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **RSASecurIDAMEvent**. Alternatively, you can directly load the [function code](https://aka.ms/sentinel-rsasecuridam-parser). It might take about 15 minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **RSASecurIDAMEvent**. Alternatively, you can directly load the [function code](https://aka.ms/sentinel-rsasecuridam-parser). It might take about 15 minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 
 This data connector was developed using RSA SecurID Authentication Manager version: 8.4 and 8.5
 
@@ -275,7 +280,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi
 > The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed  as part of the solution installation.
 >
 > Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line. 
-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **SophosXGFirewall**. Alternatively, directly load the [function code](https://aka.ms/sentinel-SophosXG-parser). It might take about 15 minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **SophosXGFirewall**. Alternatively, directly load the [function code](https://aka.ms/sentinel-SophosXG-parser). It might take about 15 minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 
 
 ## Symantec Endpoint Protection
@@ -287,7 +293,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi
 > The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed  as part of the solution installation.
 >
 > Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line. 
-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **SymantecEndpointProtection**. Alternatively, you can directly load the [function code](https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/Symantec%20Endpoint%20Protection/Parsers/SymantecEndpointProtection.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **SymantecEndpointProtection**. Alternatively, you can directly load the [function code](https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/Symantec%20Endpoint%20Protection/Parsers/SymantecEndpointProtection.yaml). It might take about 15 minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 
 ## Symantec ProxySG
 
@@ -308,7 +315,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi
 >
 > Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.
 > 
-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **SymantecProxySG**. Alternatively, directly load the [function code](https://aka.ms/sentinel-SymantecProxySG-parser). It might take about 15 minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **SymantecProxySG**. Alternatively, directly load the [function code](https://aka.ms/sentinel-SymantecProxySG-parser). It might take about 15 minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 
 ## Symantec VIP
 
@@ -319,7 +327,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi
 >
 > Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line. 
 >
-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **SymantecVIP**. Alternatively, directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Symantec%20VIP/Parsers/SymantecVIP.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias **SymantecVIP**. Alternatively, directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Symantec%20VIP/Parsers/SymantecVIP.yaml). It might take about 15 minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 
 ## VMware ESXi
 
@@ -334,7 +343,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi
 >
 > Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.
 >
-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias VMwareESXi. Alternatively, directly load the [function code](https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/VMWareESXi/Parsers/VMwareESXi.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias VMwareESXi. Alternatively, directly load the [function code](https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/VMWareESXi/Parsers/VMwareESXi.yaml). It might take about 15 minutes post-installation to update. 
+> Although the solution references the deprecated **Log Analytics agent** connector, you can continue to use the same solution, including the referenced parser, with the **Syslog via AMA** data connector instead.
 
 ## WatchGuard Firebox
 

Original file line number	Diff line number	Diff line change
`@@ -71,7 +71,8 @@ This data connector was developed using Cisco Stealthwatch version 7.3.2`
`71`	`71`	`>`
`72`	`72`	`> Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.`
`73`	`73`	`>`
`74`		-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias CiscoUCS. Alternatively, directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Cisco%20UCS/Parsers/CiscoUCS.yaml). It might take about 15-minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`74`	`+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias CiscoUCS. Alternatively, directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Cisco%20UCS/Parsers/CiscoUCS.yaml). It might take about 15-minutes post-installation to update.`
	`75`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`75`	`76`
`76`	`77`	`## Cisco Web Security Appliance (WSA)`
`77`	`78`
`@@ -94,7 +95,8 @@ Configure Citrix ADC (former NetScaler) to forward logs via Syslog.`
`94`	`95`	`For more information, see the [Citrix ADC (former NetScaler) documentation](https://docs.netscaler.com/).`
`95`	`96`
`96`	`97`	`> [!NOTE]`
`97`		-> The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed as part of the solution installation. To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias CitrixADCEvent. Alternatively, you can directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Citrix%20ADC/Parsers/CitrixADCEvent.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`98`	+> The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed as part of the solution installation. To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias CitrixADCEvent. Alternatively, you can directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Citrix%20ADC/Parsers/CitrixADCEvent.yaml). It might take about 15 minutes post-installation to update.
	`99`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`98`	`100`	`>`
`99`	`101`	> This parser requires a watchlist named `Sources_by_SourceType`.
`100`	`102`	`>`
`@@ -165,7 +167,8 @@ This data connector was developed using Forescout Syslog Plugin version: v3.6`
`165`	`167`	`> [!NOTE]`
`166`	`168`	`> The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed as part of the solution installation.`
`167`	`169`	`>`
`168`		-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias Infoblox. Alternatively, you can directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Infoblox%20NIOS/Parsers/Infoblox.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`170`	`+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias Infoblox. Alternatively, you can directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Infoblox%20NIOS/Parsers/Infoblox.yaml). It might take about 15 minutes post-installation to update.`
	`171`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`169`	`172`	`>`
`170`	`173`	> This parser requires a watchlist named `Sources_by_SourceType`.
`171`	`174`	`>`
`@@ -250,7 +253,8 @@ Complete the following steps.`
`250`	`253`	`>`
`251`	`254`	`> Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.`
`252`	`255`	`>`
`253`		-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias PulseConnectSecure. Alternatively, directly load the [function code](https://aka.ms/sentinel-PulseConnectSecure-parser). It might take about 15 minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`256`	`+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias PulseConnectSecure. Alternatively, directly load the [function code](https://aka.ms/sentinel-PulseConnectSecure-parser). It might take about 15 minutes post-installation to update.`
	`257`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`254`	`258`
`255`	`259`	`## RSA SecurID`
`256`	`260`
`@@ -262,7 +266,8 @@ Complete the following steps to get RSA® SecurID Authentication Manager logs in`
`262`	`266`	`>`
`263`	`267`	`> Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.`
`264`	`268`	`>`
`265`		-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias RSASecurIDAMEvent. Alternatively, you can directly load the [function code](https://aka.ms/sentinel-rsasecuridam-parser). It might take about 15 minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`269`	`+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias RSASecurIDAMEvent. Alternatively, you can directly load the [function code](https://aka.ms/sentinel-rsasecuridam-parser). It might take about 15 minutes post-installation to update.`
	`270`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`266`	`271`
`267`	`272`	`This data connector was developed using RSA SecurID Authentication Manager version: 8.4 and 8.5`
`268`	`273`
`@@ -275,7 +280,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi`
`275`	`280`	`> The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed as part of the solution installation.`
`276`	`281`	`>`
`277`	`282`	`> Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.`
`278`		-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias SophosXGFirewall. Alternatively, directly load the [function code](https://aka.ms/sentinel-SophosXG-parser). It might take about 15 minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`283`	`+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias SophosXGFirewall. Alternatively, directly load the [function code](https://aka.ms/sentinel-SophosXG-parser). It might take about 15 minutes post-installation to update.`
	`284`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`279`	`285`
`280`	`286`
`281`	`287`	`## Symantec Endpoint Protection`
`@@ -287,7 +293,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi`
`287`	`293`	`> The functionality of this data connector is reliant on a Kusto Function-based parser, which is integral to its operation. This parser is deployed as part of the solution installation.`
`288`	`294`	`>`
`289`	`295`	`> Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.`
`290`		-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias SymantecEndpointProtection. Alternatively, you can directly load the [function code](https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/Symantec%20Endpoint%20Protection/Parsers/SymantecEndpointProtection.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`296`	`+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias SymantecEndpointProtection. Alternatively, you can directly load the [function code](https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/Symantec%20Endpoint%20Protection/Parsers/SymantecEndpointProtection.yaml). It might take about 15 minutes post-installation to update.`
	`297`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`291`	`298`
`292`	`299`	`## Symantec ProxySG`
`293`	`300`
`@@ -308,7 +315,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi`
`308`	`315`	`>`
`309`	`316`	`> Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.`
`310`	`317`	`>`
`311`		-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias SymantecProxySG. Alternatively, directly load the [function code](https://aka.ms/sentinel-SymantecProxySG-parser). It might take about 15 minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`318`	`+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias SymantecProxySG. Alternatively, directly load the [function code](https://aka.ms/sentinel-SymantecProxySG-parser). It might take about 15 minutes post-installation to update.`
	`319`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`312`	`320`
`313`	`321`	`## Symantec VIP`
`314`	`322`
`@@ -319,7 +327,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi`
`319`	`327`	`>`
`320`	`328`	`> Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.`
`321`	`329`	`>`
`322`		-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias SymantecVIP. Alternatively, directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Symantec%20VIP/Parsers/SymantecVIP.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`330`	`+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias SymantecVIP. Alternatively, directly load the [function code](https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Symantec%20VIP/Parsers/SymantecVIP.yaml). It might take about 15 minutes post-installation to update.`
	`331`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`323`	`332`
`324`	`333`	`## VMware ESXi`
`325`	`334`
`@@ -334,7 +343,8 @@ This data connector was developed using RSA SecurID Authentication Manager versi`
`334`	`343`	`>`
`335`	`344`	`> Update the parser and specify the hostname of the source machines transmitting the logs in the parser's first line.`
`336`	`345`	`>`
`337`		-> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias VMwareESXi. Alternatively, directly load the [function code](https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/VMWareESXi/Parsers/VMwareESXi.yaml). It might take about 15 minutes post-installation to update. Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.
	`346`	`+> To access the function code within Log Analytics, navigate to the Log Analytics/Microsoft Sentinel Logs section, select Functions, and search for the alias VMwareESXi. Alternatively, directly load the [function code](https://raw.githubusercontent.com/Azure/Azure-Sentinel/master/Solutions/VMWareESXi/Parsers/VMwareESXi.yaml). It might take about 15 minutes post-installation to update.`
	`347`	`+> Although the solution references the deprecated Log Analytics agent connector, you can continue to use the same solution, including the referenced parser, with the Syslog via AMA data connector instead.`
`338`	`348`
`339`	`349`	`## WatchGuard Firebox`
`340`	`350`