Hi,
I want to centralize logs in Amazon Elasticsearch. How can I forward Azure logs there? It does not seem to be listed among the partner tools with Azure Monitor integration.
Can Azure actively send records, or can they be queried from AWS?
I already have Azure Monitor.
Hello @GinoHuang-3666,
Welcome to the Microsoft Q&A platform.
Unfortunately, you cannot forward Azure logs to a non-Azure SIEM.
Using Azure Monitor to route monitoring data to an Azure Event Hub allows you to easily integrate with some external SIEM and monitoring tools. The following partners are known to have integration via Event Hub.
I would suggest you provide feedback on this:
https://feedback.azure.com/forums/911458-event-hubs
All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Azure.
Hope this helps. Do let us know if you have any further queries.
Please don’t forget to Accept Answer and Up-Vote wherever the information provided helps you, this can be beneficial to other community members.
Hello @GinoHuang-3666,
Just checking in to see if the above answer helped. If this answers your query, do click Accept Answer and Up-Vote for the same. And if you have any further queries, do let us know.
Hello @PRADEEPCHEEKATLA-MSFT
"Syslog server" is shown in your Event Hub integration list picture. Does that mean I can build an Azure VM running a syslog service (like rsyslog) and forward Azure logs into it? If not, what does "Syslog server" mean?
Hello @GinoHuang-3666,
Thanks for the follow-up question.
We are reaching out to the internal team to get more help on this, I will update you once we hear back from them.
Hello @GinoHuang-3666,
We are still waiting for an update from the internal team. I will get back to you once we hear back from them.
Stay tuned!