A few important updates to the Azure Sentinel CEF Connector

The CEF connector in Azure Sentinel has received some necessary updates, and the docs have already been updated to reflect the changes.

Docs: Connect your external solution using Common Event Format

For those that have been working with this connector, it’s worthwhile to see what’s changed.

Here’s what’s new…

  • The command line to install the CEF collector (agent) has changed just a bit. It’s now: sudo wget -O cef_installer.py

The command line change helps alleviate some issues that resulted from a pile-up of old scripts.

  • Additional OS support has been added. The connector now supports the following additional OS versions:
    • CentOS 8
    • RedHat 8
    • SUSE Linux 15
  • Python version 3 support has been added.
