Does anyone know if it is possible to forward LINA/FTD messages to Azure Sentinel via the e-Streamer eNcore? I have successfully set up the service to forward my FMC connection events, but I also want to forward messages from the traditional ASA platform which have FTD in the string.
I do have an FTD that is forwarding the syslog messages to my eNcore server (I can see them in /var/log/syslog). But I don't see them in Sentinel.
https://www.cisco.com/c/en/us/td/docs/security/firepower/670/api/eStreamer_enCore/eStreamereNcoreSentinelOperationsGuide_409.html