I have connected Logstash datasource to Azure Sentinel, I'm pushing the logs to a custom log tabe as "SQLAuthenticationLogs_CL".
I would like to know how to:
1- Clear these custom logs
2- Remove the customer table
View best response
Logs will be removed when the retention period has been reached. This is the #1 method.
For specific GDPR use cases (this isn't a method you should be using often) there is article you should read - please pay close attention to the many WARNING and IMPORTANT messages on this page: