Integrate Azure Active Directory logs with SumoLogic using Azure Monitor

In this article, you learn how to integrate Azure Active Directory (Azure AD) logs with SumoLogic using Azure Monitor. You first route the logs to an Azure event hub, and then you integrate the event hub with SumoLogic.

Prerequisites

To use this feature, you need:

Steps to integrate Azure AD logs with SumoLogic

  1. First, stream the Azure AD logs to an Azure event hub.

  2. Configure your SumoLogic instance to collect logs for Azure Active Directory.

  3. Install the Azure AD SumoLogic app to use the pre-configured dashboards that provide real-time analysis of your environment.

    Dashboard

Next steps