ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    How to Transfer Microsoft Sentinel Logs to Azure Storage

    Starwind
    starwind microsoft microsoft sentinel azure storage
    1
    1
    405
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • OksanaO
      Oksana
      last edited by

      1.png

      You may need your Sentinel logs in long-term retention based on government requirements. Azure Log Analytics starts charging for such retention after 90 days have elapsed. However, you can use a Playbook that creates an Azure Storage account and, after 90 days, automatically moves such logs to cold storage to avoid retention billing.

      Read the article by Nicolas Prigent, a three-time Microsoft MVP, on how to leverage a Microsoft Playbook to move Sentinel logs to Azure cold storage for retention automatically.

      1 Reply Last reply Reply Quote 1
      • 1 / 1
      • First post
        Last post