Azure Activity Data Connector for Azure Sentinel has recently been changed.

As we know, Microsoft is constantly focused on providing the best services to its customers, and in the process it upgrades or changes the underlying infrastructure and procedures every now and then to ensure that all the services are working optimally.

The Azure Activity log provides subscription-level events and insight into them. Through this log, you can get information such as the "what, who, and when" for any operation that was performed on any resource created in the subscription. Through the Azure Activity data connector, one can stream all this event information into Azure Sentinel.

Recently the connector adopted a diagnostic settings pipeline and switched from the legacy method of collecting events. This has brought a schema change in the AzureActivity table along with a plethora of performance improvements: improved ingestion latency (events are now ingested within 2-3 minutes of occurrence instead of the 15-20 minutes it took earlier), improved reliability, improved performance, support for all categories of events logged by the Activity log service, management at scale with Azure Policy, and support for MG-level activity logs (though it is in preview as of now).

But along with all these performance improvements, users who are used to the previous procedure for enabling the connector are facing some issues, as the connector does not show as connected straight away after following the given steps (which can be found here). To address this issue, I am summarizing all the steps, from creating a new Azure Sentinel resource through configuring the Azure Activity data connector, with screenshots, as below:

Step 1: Search for Azure Sentinel in the portal search box and open it, then click Create to create Azure Sentinel and choose or create your Log Analytics workspace.

Step 2: After Azure Sentinel is created, under Configuration choose Data Connectors.

Step 3: Find and choose Azure Activity under the connectors.

Step 4: Under the Azure Activity blade, click “Open connector page”.

Step 5:
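To confirm that events are arriving once the connector is enabled, a query like the following can be run in the workspace's Logs blade. It is an added example, not part of the original post; it assumes the new-schema column CategoryValue, and the one-hour lookback is chosen here for illustration.

```kusto
// Added example: verify that the Azure Activity connector is delivering events
// and measure how long they take to reach the workspace.
// Assumptions: new-schema column CategoryValue; the 1h lookback is illustrative.
AzureActivity
| where TimeGenerated > ago(1h)
// ingestion_time() is when the record landed in Log Analytics;
// TimeGenerated is when the operation occurred.
| extend DelayMinutes = (ingestion_time() - TimeGenerated) / 1m
| summarize
    Events      = count(),
    LastEvent   = max(TimeGenerated),
    MedianDelay = round(percentile(DelayMinutes, 50), 1),
    P95Delay    = round(percentile(DelayMinutes, 95), 1)
    by SubscriptionId, CategoryValue
// How stale is the newest event for each subscription and category?
| extend MinutesSinceLastEvent = datetime_diff('minute', now(), LastEvent)
| order by SubscriptionId asc, Events desc
```

No rows means nothing has reached the workspace in the last hour. A median delay of a few minutes is consistent with the 2-3 minute ingestion latency described above.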