Commit d3c0465

Merge pull request #278614 from kpeechara/kapil-branch-0618
Adding note on syslog collection for AKS clusters
2 parents 435c97f + 2462f9c commit d3c0465

3 files changed

+9
-0
lines changed

articles/sentinel/connect-cef-syslog-ama.md

Lines changed: 3 additions & 0 deletions
@@ -13,6 +13,9 @@ ms.date: 05/13/2024
1313

1414
This article describes how to use the **Syslog via AMA** and **Common Event Format (CEF) via AMA** connectors to quickly filter and ingest Syslog messages, including messages in Common Event Format (CEF), from Linux machines and from network and security devices and appliances. To learn more about these data connectors, see [Syslog and Common Event Format (CEF) via AMA connectors for Microsoft Sentinel](cef-syslog-ama-overview.md).
1515

16+
> [!NOTE]
17+
> Container Insights now supports the automatic collection of Syslog events from Linux nodes in your AKS clusters. To learn more, see [Syslog collection with Container Insights](../azure-monitor/containers/container-insights-syslog.md).
18+
1619
## Prerequisites
1720

1821
Before you begin, you must have the resources configured and the appropriate permissions described in this section.
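
Review bot: The added note at new lines 16-17 uses the time-relative "now" ("Container Insights now supports the automatic collection..."), which will read as stale once the feature is no longer new, and the hunk header still shows ms.date: 05/13/2024 even though the commit is +9/-0 and so only adds the note. Suggest dropping "now" and bumping ms.date in the same change. The note also lands directly above ## Prerequisites without saying whether the resources and permissions listed there apply to AKS node collection or only to the Syslog via AMA and CEF via AMA connectors; a short clause pointing out that the Container Insights path has its own setup would keep readers from applying the wrong prerequisites.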

articles/sentinel/data-connectors/syslog.md

Lines changed: 3 additions & 0 deletions
@@ -13,6 +13,9 @@ ms.collection: sentinel-data-connector
1313

1414
Syslog is an event logging protocol that is common to Linux. Applications will send messages that may be stored on the local machine or delivered to a Syslog collector. When the Agent for Linux is installed, it configures the local Syslog daemon to forward messages to the agent. The agent then sends the message to the workspace. For more information, see the [Microsoft Sentinel documentation](https://go.microsoft.com/fwlink/p/?linkid=2223807&wt.mc_id=sentinel_dataconnectordocs_content_cnl_csasci).
1515

16+
> [!NOTE]
17+
> Container Insights now supports the automatic collection of Syslog events from Linux nodes in your AKS clusters. To learn more, see [Syslog collection with Container Insights](../../azure-monitor/containers/container-insights-syslog.md).
18+
1619
This is autogenerated content. For changes, contact the solution provider.
1720

1821
## Connector attributes
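
Review bot: The note at new lines 16-17 is hand-edited into a file whose next line reads "This is autogenerated content. For changes, contact the solution provider.", so the addition is likely to be overwritten the next time this connector page is regenerated. Suggest making the change in the generator's source (or confirming with the solution provider that manual edits persist) rather than in the output file. The relative link correctly uses ../../ for the data-connectors subdirectory, so no change is needed there.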

articles/sentinel/forward-syslog-monitor-agent.md

Lines changed: 3 additions & 0 deletions
@@ -14,6 +14,9 @@ ms.custom: template-tutorial, linux-related-content
1414

1515
In this tutorial, you configure a Linux virtual machine (VM) to forward Syslog data to your workspace by using Azure Monitor Agent. These steps allow you to collect and monitor data from Linux-based devices where you can't install an agent like a firewall network device.
1616

17+
> [!NOTE]
18+
> Container Insights now supports the automatic collection of Syslog events from Linux nodes in your AKS clusters. To learn more, see [Syslog collection with Container Insights](../azure-monitor/containers/container-insights-syslog.md).
19+
1720
Configure your Linux-based device to send data to a Linux VM. Azure Monitor Agent on the VM forwards the Syslog data to the Log Analytics workspace. Then use Microsoft Sentinel or Azure Monitor to monitor the device from the data stored in the Log Analytics workspace.
1821

1922
In this tutorial, you learn how to:
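
Review bot: The note at new lines 17-18 is inserted between the two paragraphs that together describe the tutorial scenario ("In this tutorial, you configure a Linux virtual machine (VM)..." and "Configure your Linux-based device to send data to a Linux VM."), which interrupts the explanation of the forwarding path. Suggest moving it below the second paragraph, just before "In this tutorial, you learn how to:". Since this tutorial covers devices "where you can't install an agent", the note would also read better if it stated that AKS node collection is a separate scenario from the forwarder VM set up here. The same sentence is now duplicated in three articles, so a shared include would keep the wording and link from drifting.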
