Possible to stream filtered MDE events/alerts to Event Hub or Storage Blob?

Brass Contributor

If there is a separation of duties between groups where one group has access to all of MDE events/alerts and one group wants access to just their MDE events/alerts, is it possible to stream MDE events/alerts for just that group to a dedicated Event Hub/Storage Blob so they can access the info?



2 Replies
We streamed the whole DeviceEvents table to an event hub, then used a Stream Analytics task to filter out the events we wanted to a second event hub for consumption