Integration of Sentinel with other 3rd party on-prem SIEM solutions (stream alerts to eventhub)

Hi Manuel_DEste, great meeting you again!

Yes and no.

Forwarding alerts to an event hub is supported. You can use one of several ways:

• Run a Logic App scheduled playbook to read alerts using the Log Analytics connector and then write them to an event hub using the Event Hub connector.
• Soon you will be able to do it by running a playbook automatically when an alert triggers.
• Lastly, you can Use the Security Graph API. Note that this will send all Azure alerts to your SIEM, not just Sentinel's.

Why no? because what you really want to send are cases and not alerts, which are automatically aggregated and reduced alerts. We are working to make sure those can be sent to a SIEM as well.