Azure Monitor Agent (AMA)

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Methods Index

---

The Azure Monitor Agent (AMA) is the recommended agent for collecting logs from Azure VMs, on-premises servers, and multi-cloud environments. It replaces the legacy Log Analytics agent (MMA) and provides improved performance, security, and manageability.

Documentation

• 📖 Azure Monitor Agent overview
• 📖 Install and manage the Azure Monitor Agent
• 📖 Connect via Windows agent-based connectors
• 📖 Migrate to Azure Monitor Agent from Log Analytics agent
• 📖 AMA migration for Microsoft Sentinel
• 📖 Data collection rules in Azure Monitor
• 📖 CEF and Syslog via AMA overview
• 📖 Connect CEF and Syslog via AMA
• 📖 Device configuration for CEF via AMA
• 📖 Syslog device configuration
• 📖 Troubleshoot CEF and Syslog via AMA
• 📖 Collect logs from text files via AMA
• 📖 Custom logs device configuration
• 📖 DNS via AMA

Statistics

Metric	Count
Total Connectors	58
Active	25
Deprecated 🚫	33
Unpublished ⚠️	0

Connectors Using This Method

Active Connectors

Connector	Publisher	Tables	Solution
Microsoft Active-Directory Domain Controllers Security Event Logs	Microsoft	1	Microsoft Exchange Security - Exchange On-Premises
[Recommended] Infoblox Cloud Data Connector via AMA	Infoblox	1	Infoblox
[Recommended] Infoblox SOC Insight Data Connector via AMA	Infoblox	1	Infoblox
[Recommended] Vectra AI Stream via AMA	Vectra AI	17	Vectra AI Stream
Automated Logic WebCTRL	AutomatedLogic	1	ALC-WebCTRL
Cisco ASA/FTD via AMA ➕	Microsoft	2	CiscoASA
Cisco Software Defined WAN 🔶	Cisco	2	Cisco SD-WAN
Common Event Format (CEF) via AMA ➕	Microsoft	1	Common Event Format
CTERA Syslog	CTERA Networks Ltd	1	CTERA
Custom logs via AMA 🔶	Microsoft	16	CustomLogsAma
Cyborg Security HUNTER Hunt Packages	Cyborg Security	1	Cyborg Security HUNTER
Fortinet FortiWeb Web Application Firewall via AMA	Microsoft	1	Fortinet FortiWeb Cloud WAF-as-a-Service connector for Microsoft Sentinel
iboss via AMA ➕	iboss	1	iboss
IIS Logs of Microsoft Exchange Servers	Microsoft	1	Microsoft Exchange Security - Exchange On-Premises
Microsoft Exchange Admin Audit Logs by Event Logs	Microsoft	1	Microsoft Exchange Security - Exchange On-Premises
Microsoft Exchange Logs and Events	Microsoft	1	Microsoft Exchange Security - Exchange On-Premises
Radiflow iSID via AMA	Radiflow	1	Radiflow
Silverfort Admin Console	Silverfort	1	Silverfort
Syslog via AMA	Microsoft	1	Syslog
VirtualMetric DataStream for Microsoft Sentinel	VirtualMetric	1	VirtualMetric DataStream
VirtualMetric DataStream for Microsoft Sentinel data lake	VirtualMetric	1	VirtualMetric DataStream
Windows DNS Events via AMA	Microsoft	1	Windows Server DNS
Windows Firewall Events via AMA	Microsoft	1	Windows Firewall
Windows Forwarded Events	Microsoft	1	Windows Forwarded Events
Windows Security Events via AMA ➕	Microsoft	1	Windows Security Events

Deprecated Connectors 🚫

Connector	Publisher	Tables	Solution
🚫 [Deprecated] AI Analyst Darktrace via AMA	Darktrace	1	AI Analyst Darktrace
🚫 [Deprecated] Akamai Security Events via AMA	Akamai	1	Akamai Security Events
🚫 [Deprecated] Aruba ClearPass via AMA	Aruba Networks	1	Aruba ClearPass
🚫 [Deprecated] Broadcom Symantec DLP via AMA	Broadcom	1	Broadcom SymantecDLP
🚫 [Deprecated] Cisco Firepower eStreamer via AMA	Cisco	1	Cisco Firepower EStreamer
🚫 [Deprecated] Cisco Secure Email Gateway via AMA	Cisco	1	CiscoSEG
🚫 [Deprecated] Citrix WAF (Web App Firewall) via AMA	Citrix Systems Inc.	1	Citrix Web App Firewall
🚫 [Deprecated] Claroty via AMA	Claroty	1	Claroty
🚫 [Deprecated] Contrast Protect via AMA	Contrast Security	1	Contrast Protect
🚫 [Deprecated] CrowdStrike Falcon Endpoint Protection via AMA	CrowdStrike	1	CrowdStrike Falcon Endpoint Protection
🚫 [Deprecated] CyberArk Privilege Access Manager (PAM) Events via AMA	Cyber-Ark	1	CyberArk Privilege Access Manager (PAM) Events
🚫 [Deprecated] Delinea Secret Server via AMA	Delinea, Inc	1	Delinea Secret Server
🚫 [Deprecated] ExtraHop Reveal(x) via AMA	ExtraHop Networks	1	ExtraHop Reveal(x)
🚫 [Deprecated] F5 Networks via AMA	F5 Networks	1	F5 Networks
🚫 [Deprecated] FireEye Network Security (NX) via AMA	FireEye	1	FireEye Network Security
🚫 [Deprecated] Forcepoint CASB via AMA	Forcepoint CASB	1	Forcepoint CASB
🚫 [Deprecated] Forcepoint CSG via AMA	Forcepoint	1	Forcepoint CSG
🚫 [Deprecated] Forcepoint NGFW via AMA	Forcepoint	1	Forcepoint NGFW
🚫 [Deprecated] Fortinet via AMA	Fortinet	1	Fortinet FortiGate Next-Generation Firewall connector for Microsoft Sentinel
🚫 [Deprecated] Illumio Core via AMA	Illumio	1	Illumio Core
🚫 [Deprecated] Illusive Platform via AMA	illusive	1	Illusive Platform
🚫 [Deprecated] Netwrix Auditor via AMA	Netwrix	1	Netwrix Auditor
🚫 [Deprecated] Nozomi Networks N2OS via AMA	Nozomi Networks	1	NozomiNetworks
🚫 [Deprecated] OSSEC via AMA	OSSEC	1	OSSEC
🚫 [Deprecated] Palo Alto Networks (Firewall) via AMA	Palo Alto Networks	1	PaloAlto-PAN-OS
🚫 [Deprecated] Palo Alto Networks Cortex Data Lake (CDL) via AMA	Palo Alto Networks	1	PaloAltoCDL
🚫 [Deprecated] PingFederate via AMA	Ping Identity	1	PingFederate
🚫 [Deprecated] RIDGEBOT - data connector for Microsoft Sentinel	RidgeSecurity	1	RidgeSecurity
🚫 [Deprecated] SonicWall Firewall via AMA	SonicWall	1	SonicWall Firewall
🚫 [Deprecated] Trend Micro Apex One via AMA	Trend Micro	1	Trend Micro Apex One
🚫 [Deprecated] vArmour Application Controller via AMA	vArmour	1	vArmour Application Controller
🚫 [Deprecated] Vectra AI Detect via AMA	Vectra AI	1	Vectra AI Detect
🚫 [Deprecated] WireX Network Forensics Platform via AMA	WireX_Systems	1	WireX Network Forensics Platform

---

🚫 Deprecated: This connector has been deprecated and may be removed in future versions.

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Methods Index