Forum Discussion
pavankemi
Mar 04, 2021 - Brass Contributor
Sending logs from one tenant to a different tenant Sentinel instance
Team, I have a scenario where logs from one tenant need to be forwarded to another tenant's LA workspace Sentinel. I know we have Azure Lighthouse, which can be used, but the customer requirement is to ...
GaryBushey
Mar 04, 2021 - Bronze Contributor
pavankemi While you can send the data from one tenant to another, keep in mind that a lot of the data will not be useful as you will lose a lot of the reference data (for instance, user GUIDs) and the vast majority of the data will need to be put into custom tables as you cannot add your own data to Azure Sentinel's tables.
With that being said, once the data is in an Event Hub, you can write a Logic App to process the data and write it to the Logic App in the new tenant. Connect to Azure Event Hubs - Azure Logic Apps | Microsoft Docs. There is an Azure Monitor Send Data connector to write to a Log Analytics Workspace.
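The write into the destination workspace described above, as an added example that is not part of any post in this thread: it assumes the records are sent through the Log Analytics HTTP Data Collector API, which signs each POST with the workspace shared key and lands the data in a custom table. The workspace ID, key, tenant ID, records, the `ForwardedSignIn` table name and the `SourceTenantId` field are constructed or hypothetical.

```python
import base64
import hashlib
import hmac
import json
import re
from email.utils import formatdate

API_VERSION = "2016-04-01"
RESOURCE = "/api/logs"

# Constructed sample values; none of these come from the thread.
WORKSPACE_ID = "00000000-0000-0000-0000-000000000000"
SHARED_KEY = base64.b64encode(b"constructed-workspace-key").decode()
SOURCE_TENANT = "11111111-1111-1111-1111-111111111111"
SAMPLE = [{"UserId": "22222222-2222-2222-2222-222222222222", "Result": "Success"}]


def build_request(workspace_id, shared_key_b64, log_type, records, source_tenant, date=None):
    """Return (url, headers, body) for one signed POST to the destination workspace."""
    # Log-Type becomes the custom table name (<log_type>_CL in the workspace).
    if not re.fullmatch(r"[A-Za-z0-9_]{1,100}", log_type):
        raise ValueError("Log-Type allows only letters, digits and underscore")
    # SourceTenantId is a hypothetical field: it records which tenant the GUIDs
    # in a record belong to, since the destination tenant cannot resolve them.
    tagged = [dict(r, SourceTenantId=source_tenant) for r in records]
    body = json.dumps(tagged).encode("utf-8")
    date = date or formatdate(usegmt=True)  # RFC 1123 date in GMT
    string_to_sign = f"POST\n{len(body)}\napplication/json\nx-ms-date:{date}\n{RESOURCE}"
    digest = hmac.new(base64.b64decode(shared_key_b64),
                      string_to_sign.encode("utf-8"), hashlib.sha256).digest()
    headers = {
        "Content-Type": "application/json",
        "Authorization": f"SharedKey {workspace_id}:{base64.b64encode(digest).decode()}",
        "Log-Type": log_type,
        "x-ms-date": date,
    }
    url = f"https://{workspace_id}.ods.opinsights.azure.com{RESOURCE}?api-version={API_VERSION}"
    return url, headers, body


if __name__ == "__main__":
    # Builds the request only; nothing is sent over the network.
    url, headers, body = build_request(WORKSPACE_ID, SHARED_KEY, "ForwardedSignIn",
                                       SAMPLE, SOURCE_TENANT)
    print(url)
    print(json.dumps(headers, indent=2))
    print(body.decode())
```

The shared key grants write access to the whole workspace, so it belongs in a secret store rather than in the workflow definition.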
pavankemi
Mar 05, 2021 - Brass Contributor
Hi Gary. I was looking at the Azure Monitor Send Data connector in Logic Apps, but there is no such action listed under Azure Monitor. Am I doing something wrong?