cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Ingesting Archived Logs to Azure Sentinel

AnuragSrivastava
Iron Contributor

‎Mar 27 2021 11:51 PM

‎Mar 27 2021 11:51 PM

Ingesting Archived Logs to Azure Sentinel

Hi,

Is there a way we can ingest logs from Azure Storage Account Blob or Event Hub to Azure Sentinel.

Lets say I have logs stored in the storage account and now I want to bring it to Sentinel for analytics and to check if there is trace of any malicious activity.

2,067 Views
0 Likes
1 Reply
Reply
1 Reply
CliveWatson

‎Mar 29 2021 02:20 AM

‎Mar 29 2021 02:20 AM

Re: Ingesting Archived Logs to Azure Sentinel

@AnuragSrivastava You could just query the data in the Blob, if you only require log queries on this data?  See "Query the data"Move Your Azure Sentinel Logs to Long-Term Storage with Ease - Microsoft Tech Community

There are other options with ADX, this is one of many links
Query exported data from Azure Monitor using Azure Data Explorer (preview) - Azure Monitor | Microso...
  

0 Likes
Reply