Jun 27 2020 04:08 PM
We have an environment in Azure where for some reason, application logs are being written into a separate SQL Server table. How do we bring that log data. from a SQL server table into Sentinel? do we convert the table, into a flat file and then import or any other convenient way is possible?
Jun 28 2020 08:27 AM
@vipsys I am not aware of a way directly, but you can use a Logic App that will read your SQL table and then copy the data into a custom log.
There is a connector in Logic Apps that will allow you to kick it off when a new item is created in SQL Server. Then us the Azure Log Analytics Data Collector's Send Data action to send it to your log.
Jun 28 2020 11:30 AM