Hi,
on a Azure Sentinel workgroup I have the Azure Active Directory connector and the Security Event Connector Enabled.
Some of the customer Domain Controller are present on Azure Virtual Machine server.
If I install the Agent on the Azure Virtual Machine, do I have duplicated events collected? One from the Azure Active Directory and one from Security Event Connector?
Are the events generated from Azure Active Directory the same of the events generated Security Events of the Domain Controller installed on the Azure Virtual Machine?
I don't want duplicated events on the workgroup.
Regards,
LG