Forum Discussion
Solved
Azure Sentinal - how to fetch large result set of Winsec events by pagination
Hi Community, We pump the logs of Window security events of some computers into Azure Sentinel SIEM. Now we retrieve those logs from Sentinel to local database by using REST API. The problem is when...
- Not that I can see. The Log Analytics query REST API doesn't appear to allow for limits and pages.
Peter_custodio Can you limit the amount of data being returned by limiting the time range that you are looking at? Granted it will take multiple calls, but it should work.
GaryBushey
Thanks for your suggestion. We want to fetch the data from Sentinel everyday by using Task scheduler job and insert into local DB then query it.
So instead of calling multiple times in a day, is there any other ways to fetch large result set in one call?
- Not that I can see. The Log Analytics query REST API doesn't appear to allow for limits and pages.