Mar 05 2019 01:07 PM
Can you let me know if Azure Sentinel supports (out of the box) connections to Azure B2C Logs. The document states that Azure Sentinel can ingest Azure AD sign-in and audit logs but was not sure for Azure B2C.
Regards,
Adrian
Mar 06 2019 04:07 PM
@Eyal Manor: Is this something you can help with?
Mar 06 2019 11:05 PM
Mar 07 2019 07:48 AM
Thank you Eyal!@Koby Koren: Can you please help with this topic?
May 24 2019 11:13 AM
@Koby Koren @Valon_Kolica @DhanyahkMSFT Any update on this? I have the same question. Thanks!
May 24 2019 12:38 PM
May 28 2019 06:19 AM
Solutionand @Adrian Gordon
To answer the question, yes we take in Azure AD B2C Audit logs
If configured, you'll see B2C Audit logs pulled over into Azure Sentinel whenever you've enabled Azure AD Audit connector within Sentinel.
Example:
Pulling a Query over the past 7 days, looking for B2C audit logs
Sep 11 2019 01:23 PM
@Chris Boehm Presumably the Sentinel instance must be created within the B2C tenant? Or can it be created in my primary tenant and pointed to the B2C tenant to capture logs?
Sep 30 2019 09:02 AM
Oct 04 2019 10:04 AM
Oct 25 2019 07:08 AM
@Chris Boehm I also would like details on how to add a B2C to Sentinel. It is showing the primary data, but no data from our B2C tenant.
Jun 23 2020 12:55 PM
@wmansfieldand @Chris Boehm did you come up with a straight forward solution for getting B2C logs directly into a corp tenant?
Jun 28 2020 11:41 AM
You can now collect B2C logs from your B2C tenant to your primary tenant AAD logs as described here.
~ Ofer
Sep 12 2021 11:28 PM