Back to Blog
Security diagram for azure nsg5/31/2023 I like to think of Event Hubs as a scalable, relatively short-term, message bus. Talking about standards, Event Hubs are the new standard for most Azure services. Just know that a source service could be configured to dump data into a separate storage account for retrieval. Storage accounts have their own security and retention mechanisms, but we won't get too much into the weeds here. Since storage accounts are a separate service than a VM, the data about the VM will live on even after you delete the VM. For example, if you want Virtual Machine event logs, Azure will dump those into a storage account you specify. Basically, Microsoft will dump data from a service into a separate storage location (called a storage account). This was the standard back in the day when Azure was introduced. There are 3 main ways Microsoft makes Azure data available. In this blog post, I'm going go over how Microsoft makes Azure data available, how to access the data, and out-of-the-box Splunk Add-Ons that can consume this data. With the growing list of Azure services and various data access methods, it can be a little cloudy (pun intended) on what data is available and how to get all that data into Splunk. If you're reading this, you're probably wondering how to get data from various Microsoft Azure services into Splunk.
0 Comments
Read More
Leave a Reply. |