Forum Discussion
Feed data location to run against Sentinel's KQL function
Hi, We have a feed consisting of around 250,000-300,000 entries and will be imported daily. We do not intend to store this data in Sentinel as a table and would like to store it somewhere else (C...
https://learn.microsoft.com/en-us/azure/azure-monitor/logs/basic-logs-query?tabs=portal-1
Auxiliary or Basic logs could also be an option? https://azure.microsoft.com/en-gb/pricing/details/monitor/ You'd still have to use a Logic Apps to run Alerts against this.
Auxiliary or Basic logs could also be an option? https://azure.microsoft.com/en-gb/pricing/details/monitor/ You'd still have to use a Logic Apps to run Alerts against this.