Figure 1: Azure Monitor Diagnostic settings for Azure AD Logs.
Figure 2: Sumo logic app showing Azure AD Logs (integrated through Azure Monitor).
Figure 3: Sumo logic app based on Azure AD Logs (integrated through Azure Monitor Event Hub).
Figure 4: Splunk reports based on Azure AD Sign-ins.This strategy for routing logs is consistent with other Azure resources as well. (You can find the details here about which Azure resources offer this functionality.)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.