Aug 24 2021 04:09 AM - last edited on Nov 29 2021 11:54 AM by Allen
There are two options how to set up the LAWs for the Security Center. By default, when onboarding the subscription in the Security Center, a separate LAW is created for each subscription. Microsoft also allows you to define your own (central) LAW.
Which option should be considered considering to have security logs and monitoring/performance logs? What is the difference? Can I give a Log Analytic Agent two different destinations (one for ASC Security Logs and one for Azure Monitor Logs)?
Aug 25 2021 01:00 PM