Syslog to Log Analytics (Sentinel). This is an alternative to the Sentinel connectors that uses Kubernetes and Logstash.
See my blog post, the Logstash Chart documentation, and the Azure Log Analytics output plugin for Logstash. Below is an example with Palo Alto Networks (see values.PanTraffic.yaml and values.PanThreat.yaml in shakl/charts/logstash/).
azure-pipelines.yml builds the image and uploads it to the registry (repository: name.azurecr.io/shakl); see values.yaml.
helm del --purge loggen
helm install -f charts/logstash/values.Loggen.yaml charts/logstash/ --name loggen --set replicaCount=2
UDP: loggen --inet --dgram --size 300 --rate 1000 --interval 10 10.161.132.35 6666
TCP: loggen --size 300 --rate 1000 --interval 10 10.161.132.38 6667
workspace('defaultaworkspace').Loggen_CL | where TimeGenerated > now() - 10m | count