Make sure that you've reviewed necessary prerequisites and other considerations as documented here in the Azure Monitor documentation. Include the following steps in your migration process: This section provides suggested guidance to consider when migrating from the Log Analytics MMA/OMS agent to the AMA, specifically for Microsoft Sentinel. Linux logs Log type / SupportĮach organization will have different metrics of success and internal migration processes. Migrate to the new AMA connectors to get higher performance, especially if you are using your servers as log forwarders for Windows security events or forwarded events. The Azure Monitor agent provides a throughput that is 25% better than legacy Log Analytics agents. Windows DNS Server connector (Public preview) Windows DNS servers via AMA connector (Public preview) Windows Forwarded Events (Public Preview) Windows Security Events data connector (AMA) (Public preview) Windows Security Events data connector (Legacy) Windows Security Events data connector (Public preview) This will be updated as support for AMA grows towards parity with the Log Analytics agent. The following tables show gap analyses for the log types that currently rely on agent-based data collection for Microsoft Sentinel. This article provides specific details and differences for Microsoft Sentinel. Start with the Azure Monitor documentation which provides an agent comparison and general information for this migration process. If you are using the Log Analytics agent in your Microsoft Sentinel deployment, we recommend that you start planning your migration to the AMA.
The Log Analytics agent will be retired on 31 August, 2024.
0 kommentar(er)
