Good afternoon. I’m being asked to forward the following logs from our InsightVM console server (running RHEL 8.10) to Microsoft Sentinel. The logs I’m being asked to forward are
/opt/rapid7/nexpose/nsc/logs/audit.log
Does anyone have experience setting this up in syslog on RHEL? I opened a support case for this but was told that this outside the scope of Rapid7 support. Just wanted to see if anyone has any experience with this. Thanks