question

Ysadh-9773 avatar image
0 Votes"
Ysadh-9773 asked PRADEEPCHEEKATLA-MSFT answered

Azure data explorer

I want to transfer around 150TB of archival logs from IBM Qradar to Azure data explorer for long term retention.

Should I consider Azure Blob or Azure data lake in this case ? Any other suggestions also welcome.

azure-blob-storageazure-data-lake-storageazure-data-explorer
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

PRADEEPCHEEKATLA-MSFT avatar image
0 Votes"
PRADEEPCHEEKATLA-MSFT answered

Hello @Ysadh-9773,

Welcome to the MS Q&A platform.

You should consider Azure Blob Storage.

These are the following reasons to use Azure Blob storage.

  • It offers configurable hot and cold caches backed by memory and local disk, with data persistency on Azure Storage.

  • Data persisted in ADX is durably backed by Azure Storage that offers replication out of the box, locally within an Azure Data Center, zonally within an Azure Region.

For more details, refer to the below links:

Long term retention of Config and Data backups leveraging Microsoft Azure Blob Storage

Using Azure Data Explorer for long term retention of Microsoft Sentinel logs

Hope this will help. Please let us know if any further queries.


  • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how

  • Want a reminder to come back and check responses? Here is how to subscribe to a notification

  • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.