PdfPrep.com

Which two actions should you perform?

Your on-premises network contains 100 virtual machines that run Windows Server 2019.

You have an Azure subscription that contains an Azure Log Analytics workspace named Workspace1.

You need to collect errors from the Windows event logs on the virtual machines.

Which two actions should you perform? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
A. Configure the Data Collection settings for Workspace1.
B. Deploy the Microsoft Monitoring Agent.
C. Create an Azure Event Grid domain.
D. Create an Azure Sentinel workspace.
E. Configure Windows Event Forwarding on the virtual machines.

Answer: A,B

Explanation:

The Azure Log Analytics agent collects telemetry from Windows and Linux virtual machines in any cloud, on-premises machines, and those monitored by System Center Operations Manager, and sends the collected data to your Log Analytics workspace in Azure Monitor.

Note: You may also see the Log Analytics agent referred to as the Microsoft Monitoring Agent (MMA) or OMS Linux agent.

Data is collected using the Log Analytics agent, which reads various security-related configurations and event logs from the machine and copies the data to your workspace for analysis.

Reference:

https://docs.microsoft.com/en-us/azure/azure-monitor/platform/log-analytics-agent

https://docs.microsoft.com/en-us/azure/security-center/security-center-enable-data-collection
