GitLab connector for Microsoft Sentinel
The GitLab connector allows you to easily connect your GitLab (GitLab Enterprise Edition - Standalone) logs with Microsoft Sentinel. This gives you more security insight into your organization's DevOps pipelines.
This is autogenerated content. For changes, contact the solution provider.
Connector attributes
Connector attribute | Description |
---|---|
Log Analytics table(s) | Syslog (GitlabAccess) Syslog (GitlabAudit) Syslog (GitlabApp) |
Data collection rules support | Workspace transform DCR |
Supported by | Microsoft Corporation |
Query samples
GitLab Application Logs
GitLabApp
| sort by TimeGenerated
GitLab Audit Logs
GitLabAudit
| sort by TimeGenerated
GitLab Access Logs
GitLabAccess
| sort by TimeGenerated
Vendor installation instructions
Configuration
This data connector depends on three parsers based on a Kusto Function to work as expected GitLab Access Logs, GitLab Audit Logs and GitLab Application Logs which are deployed with the Microsoft Sentinel Solution.
- Install and onboard the agent for Linux
Typically, you should install the agent on a different computer from the one on which the logs are generated.
Syslog logs are collected only from Linux agents.
- Configure the logs to be collected
Configure the facilities you want to collect and their severities.
- Under workspace advanced settings Configuration, select Data and then Syslog.
- Select Apply below configuration to my machines and select the facilities and severities.
- Click Save.
Next steps
For more information, go to the related solution in the Azure Marketplace.
Phản hồi
https://aka.ms/ContentUserFeedback.
Sắp ra mắt: Trong năm 2024, chúng tôi sẽ dần gỡ bỏ Sự cố với GitHub dưới dạng cơ chế phản hồi cho nội dung và thay thế bằng hệ thống phản hồi mới. Để biết thêm thông tin, hãy xem:Gửi và xem ý kiến phản hồi dành cho