Comments (6)
Per the Log Analytics agent documentation here and here, you set up a proxy by modifying the proxy.conf.
from azure-sentinel.
Thanks @oshezaf this is pointing me in the right direction. It looks like the Python wrapper script written for Azure Sentinel does not have support yet for an HTTP proxy. I'll see if I can modify the script and issue a pull request.
from azure-sentinel.
Created pull request #531
There were two parts to the issue. The first part is with the cef_installer.py script which is in the pull request. The second issue was with sudo not passing the https_proxy environment variable.
To fix the second issue you need to modify /etc/sudoers or add the file /etc/sudoers.d/proxykeep to pass the environment variables for HTTP proxy settings:
Defaults env_keep += "http_proxy https_proxy no_proxy"
With sudo passing the https_proxy environment variable and the cef_installer.py script modified to detect and add the argument to the omsagent install script, the CEF collector can be installed fully with proxy settings and no post-modifications required.
from azure-sentinel.
Thanks for the contribution, we are taking a look and will address the issue
from azure-sentinel.
We were able to work around this problem by updating /etc/wgetrc to add the proxy variables http_proxy and https_proxy and enable it using use_proxy = on. We also added check_certificate = off to prevent issues with SSL. This ensures any instance of wget being called by scripts or nested scripts will always pick up the proxy configuration. Ref (link)
from azure-sentinel.
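An audit for the /etc/wgetrc workaround above, as an added example that is not part of the original thread or the Azure Sentinel repository: it flags check_certificate = off, which turns off server certificate verification for every wget call on the host, including downloads made by install scripts. The sample file, proxy host name and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample of the workaround; the proxy host is a placeholder.
SAMPLE_WGETRC = """\
use_proxy = on
http_proxy = http://proxy.example.internal:3128/
https_proxy = http://proxy.example.internal:3128/
check_certificate = off
"""

FALSE_VALUES = {"off", "0", "no"}  # assumption: spellings wget reads as false


def parse_wgetrc(text):
    """Return {normalized_command: value}; later lines override earlier ones."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        # wget command names are case-, underscore- and hyphen-insensitive.
        settings[re.sub(r"[-_]", "", key.strip().lower())] = value.strip()
    return settings


def audit_wgetrc(text):
    """Return (severity, message) findings for the contents of a wgetrc file."""
    cfg = parse_wgetrc(text)
    findings = []
    if cfg.get("checkcertificate", "on").lower() in FALSE_VALUES:
        findings.append(("HIGH", "check_certificate is off: wget accepts any "
                         "server certificate, so downloads can be tampered with"))
    proxies = [k for k in ("httpproxy", "httpsproxy") if k in cfg]
    if proxies and cfg.get("useproxy", "on").lower() in FALSE_VALUES:
        findings.append(("INFO", "proxy URLs are set but use_proxy is off"))
    for key in proxies:
        if urlsplit(cfg[key]).username:
            findings.append(("MEDIUM", f"{key} embeds credentials in the file"))
    return findings


if __name__ == "__main__":
    for severity, message in audit_wgetrc(SAMPLE_WGETRC):
        print(f"[{severity}] {message}")
```

Where the proxy re-signs TLS traffic, pointing the wgetrc ca_certificate setting at the proxy's CA bundle keeps verification on and clears the HIGH finding.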
Closing as this has been worked around.
from azure-sentinel.