We are using ADX solution as part of sentinel for long term retention and would like to know if we can retrieve the data from ADX/ADF back to log analytics when needed.
We are using ADX solution as part of sentinel for long term retention and would like to know if we can retrieve the data from ADX/ADF back to log analytics when needed.
Hello @DhanyaRagini-5465,
Just checking in to see if the below answer provided by @LeonLaude helped. If this answers your query, do click Accept Answer and Up-Vote for the same. And, if you have any further query do let us know.
As far as I know it is possible to connect Azure Data Explorer (ADX) / Azure Data Factory (ADF) to Log Analytics (LA), please check the documentations below for more information:
Query data in Azure Monitor using Azure Data Explorer (Preview)
https://docs.microsoft.com/en-us/azure/data-explorer/query-monitor-data
Monitor and Alert Data Factory by using Azure Monitor
https://docs.microsoft.com/en-us/azure/data-factory/monitor-using-azure-monitor
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
Best regards,
Leon
Hi Leon,
Thanks for your response.
My scenario is we have hot data in log analytic workspace for 90 days and then it is being pushed to ADX for 1 year(cold storage).The requirement is we need to push the data from ADX to log analytic workspace where it becomes the hot data and then query them.
We are reaching out to internal team to get help on this issue and will update you as soon as we have a response.
Thank you for your patience.
There isn't a built-in mechanism to do the above requirement. LA has REST API capabilities to ingest logs though, so it might be possible through ADF.
Hope this helps.
5 people are following this question.