Forum Discussion

JasonCohen1892's avatar
Jul 14, 2021

New Blog Post | What’s New: Azure Sentinel Hunting supports ADX cross-resource queries

What’s New: Azure Sentinel Hunting supports ADX cross-resource queries - Microsoft Tech Community

Now in preview, you can use Azure Data Explorer (ADX) cross-resource queries from with-in the hunting query page, the livestream page, and the logs (Log Analytics) page. Although Log Analytics remains the primary data storage location for performing analysis with Azure Sentinel, there are cases where ADX is required to store data due to cost, retention periods, or other factors.  

 

You can learn more about sending logs from Azure Sentinel to Azure Data Explorer for long-term retention here: Integrate Azure Data Explorer for long-term log retention.

No RepliesBe the first to reply

Resources