Forum Discussion
JasonCohen1892
Microsoft
Jul 14, 2021New Blog Post | What’s New: Azure Sentinel Hunting supports ADX cross-resource queries
What’s New: Azure Sentinel Hunting supports ADX cross-resource queries - Microsoft Tech Community
Now in preview, you can use Azure Data Explorer (ADX) cross-resource queries from with-in the hunting query page, the livestream page, and the logs (Log Analytics) page. Although Log Analytics remains the primary data storage location for performing analysis with Azure Sentinel, there are cases where ADX is required to store data due to cost, retention periods, or other factors.
You can learn more about sending logs from Azure Sentinel to Azure Data Explorer for long-term retention here: Integrate Azure Data Explorer for long-term log retention.
No RepliesBe the first to reply