question

DhanyaRagini-5465 avatar image
0 Votes"
DhanyaRagini-5465 asked PRADEEPCHEEKATLA-MSFT commented

Is it possible to push data from ADX/ADF back to LA?

We are using ADX solution as part of sentinel for long term retention and would like to know if we can retrieve the data from ADX/ADF back to log analytics when needed.

azure-data-explorer
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @DhanyaRagini-5465,

Just checking in to see if the below answer provided by @LeonLaude helped. If this answers your query, do click Accept Answer and Up-Vote for the same. And, if you have any further query do let us know.

0 Votes 0 ·

1 Answer

LeonLaude avatar image
0 Votes"
LeonLaude answered PRADEEPCHEEKATLA-MSFT commented

Hi @DhanyaRagini-5465,

As far as I know it is possible to connect Azure Data Explorer (ADX) / Azure Data Factory (ADF) to Log Analytics (LA), please check the documentations below for more information:

Query data in Azure Monitor using Azure Data Explorer (Preview)
https://docs.microsoft.com/en-us/azure/data-explorer/query-monitor-data

Monitor and Alert Data Factory by using Azure Monitor
https://docs.microsoft.com/en-us/azure/data-factory/monitor-using-azure-monitor


(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)


Best regards,
Leon

· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi Leon,

Thanks for your response.

My scenario is we have hot data in log analytic workspace for 90 days and then it is being pushed to ADX for 1 year(cold storage).The requirement is we need to push the data from ADX to log analytic workspace where it becomes the hot data and then query them.

0 Votes 0 ·

Hi @DhanyaRagini-5465,

We are reaching out to internal team to get help on this issue and will update you as soon as we have a response.

Thank you for your patience.

0 Votes 0 ·

Hi @DhanyaRagini-5465,

There isn't a built-in mechanism to do the above requirement. LA has REST API capabilities to ingest logs though, so it might be possible through ADF.

Hope this helps.

0 Votes 0 ·