ArcSight Integration with Microsoft OMS Log Analytics
I am currently studying integration possibilities of ArcSight with Microsoft OMS Log Analytics. Initially I was under the impression that I was going to be integrating it with ASC - Azure Security Center - for which there is some information available and was a bit more straight forward.
However, that was not the case and integration with Log Analytics actually looks to be different. My best guess up to now is that I should develop a REST Flex Connector and have it querying the Log Analytics log search REST API:
Long story short, is there anyone who has already done this, has some experience with how it could be achieved and if this is the right way to go?