Forum Discussion
pavankemi
Mar 04, 2021 | Brass Contributor
Sending logs from one tenant to a different tenant Sentinel instance
Team, I have a scenario where logs from one tenant need to be forwarded to another tenant's LA workspace Sentinel. I know we have Azure Lighthouse, which can be used, but the customer requirement is to ...
pavankemi
Mar 04, 2021 | Brass Contributor
Thanks Gary for the quick response. What approach can we follow so that we can forward the data without losing any reference data?
3rd party SIEM solutions use Event Hubs to get the data from Azure. We are trying to perform a similar exercise, but in this case we are sending to Sentinel. What changes between 3rd party SIEM solutions and Sentinel?
GaryBushey
Mar 04, 2021 | Bronze Contributor
pavankemi I doubt 3rd party SIEMs would do any better unless they download the information from Azure AD as well (for my example). I think the biggest issue will be writing/modifying all the queries to look at the new tables.