Data Collection Rule for Syslog

Azure Public Test Date Azure Public Test Result

Azure US Gov Last Test Date Azure US Gov Last Test Result

Best Practice Check Cred Scan Check

Deploy To Azure Visualize

This template creates a data collection rule defining the data source (Syslog) and the destination workspace.

Sample overview and deployed resources

The following resources are deployed

Microsoft.Insights/dataCollectionRules

Data collection rule (DCR) - defines:

  • Data Sources: WHAT data should be collected
  • Destinations: WHERE it should be sent
  • Data flows: HOW to route data streams

MySyslogDcr: Defines Microsoft-Syslog as the data source, and the log analytics workspaceResourceId as the destination.

Prerequisites

A log analytics workspace resource created. The resource ID will be the input of the deployment.

Deployment steps

You can click the "deploy to Azure" button at the beginning of this document or follow the instructions for command line deployment using the scripts in the root of this repo.

Notes

For more information on data collection rules, please visit:

Tags: DCR, DCRA, Monitor, data collection, data collection rule, azure monitor, Microsoft.Insights/dataCollectionRules, microsoft.operationalinsights/workspaces