Hi,
I want to use Azure Sentinel for SIEM purposes. The challenge I am facing is that the data is present in an AWS Oracle RDS table. I am not able to find any good way to ingest this table directly into Azure Sentinel.
One way to do it is:
1. Create a DB trigger on RDS table and log the insert queries into a file and save it to S3.
2. Push the S3 file to Azure Sentinel periodically via "HTTP Data Collector API" provided by Azure.
My questions are:
1. Is there any better way to do it?
2. The "HTTP Data Collector API" is in public preview mode. Do we know when it can be part of the general release? It has been in public preview for like more than a year.
3. Is there any way that Azure Sentinel can pull (instead of me pushing the data) from an S3 bucket (or any file storage)?
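
The push described in step 2 of the post, as an added example that is not part of the original post: it turns exported rows into a JSON body and builds the SharedKey-signed request the HTTP Data Collector API expects, without sending it. The JSON-lines file layout, the field names, the `OracleRdsAudit` log type, and the workspace ID and key are constructed placeholders.

```python
import base64, hashlib, hmac, json
from email.utils import formatdate

API_PATH = "/api/logs"  # resource path that is part of the signed string

# Constructed sample: JSON-lines rows as a trigger log exported to S3 might look (assumed layout).
SAMPLE_LINES = [
    '{"event_time": "2024-01-01T00:00:00Z", "table": "ORDERS", "op": "INSERT", "row_id": 1}',
    "",
    '{"event_time": "2024-01-01T00:00:05Z", "table": "ORDERS", "op": "INSERT", "row_id": 2}',
]
WORKSPACE_ID = "00000000-0000-0000-0000-000000000000"            # placeholder
SHARED_KEY = base64.b64encode(b"constructed-demo-key").decode()  # placeholder, not a real key

def rows_to_body(lines):
    """Parse non-empty JSON lines and serialise them as one JSON array (the POST body)."""
    return json.dumps([json.loads(l) for l in lines if l.strip()]).encode("utf-8")

def string_to_sign(content_length, rfc1123_date):
    """Canonical string the API expects to be signed for a JSON POST."""
    return f"POST\n{content_length}\napplication/json\nx-ms-date:{rfc1123_date}\n{API_PATH}"

def signature(shared_key_b64, to_sign):
    """HMAC-SHA256 over the canonical string, keyed with the base64-decoded workspace key."""
    key = base64.b64decode(shared_key_b64)
    return base64.b64encode(hmac.new(key, to_sign.encode("utf-8"), hashlib.sha256).digest()).decode()

def build_request(workspace_id, shared_key_b64, log_type, body, date=None):
    """Return (url, headers, body) ready to POST; nothing is sent here."""
    date = date or formatdate(usegmt=True)  # RFC 1123 date, e.g. 'Mon, 01 Jan 2024 00:00:00 GMT'
    sig = signature(shared_key_b64, string_to_sign(len(body), date))
    url = f"https://{workspace_id}.ods.opinsights.azure.com{API_PATH}?api-version=2016-04-01"
    headers = {
        "Content-Type": "application/json",
        "Authorization": f"SharedKey {workspace_id}:{sig}",
        "Log-Type": log_type,                    # becomes the custom table <log_type>_CL
        "x-ms-date": date,                       # must match the date that was signed
        "time-generated-field": "event_time",    # use the row's own timestamp
    }
    return url, headers, body

if __name__ == "__main__":
    url, headers, body = build_request(WORKSPACE_ID, SHARED_KEY, "OracleRdsAudit", rows_to_body(SAMPLE_LINES))
    print(url, json.dumps(headers, indent=2), body.decode(), sep="\n")
```

The key lets its holder write data into the workspace, so load it from a secret store rather than from the script or the S3 object.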