Is it possible to import logs that are being written into an SQL server table, into Sentinel?

New Contributor

We have an environment in Azure where for some reason, application logs are being written into a separate SQL Server table. How do we bring that log data. from a SQL server table into Sentinel? do we convert the table, into a flat file and then import or any other convenient way is possible?

2 Replies

@vipsys I am not aware of a way directly, but you can use a Logic App that will read your SQL table and then copy the data into a custom log. 


There is a connector in Logic Apps that will allow you to kick it off when a new item is created in SQL Server. Then us the Azure Log Analytics Data Collector's Send Data action to send it to your log.