![]() In the context of Splunk, you're typically looking for the "List" operations. The third major way Microsoft makes Azure data available is REST APIs, and there are a lot of them. If not, forget that last sentence or just Google (or Bing) those terms if you want to dive a little deeper. Hint: if the terms Pub/Sub, Kafka, producer and consumer mean anything to you, think in those terms. Event Hubs can also scale up or down depending on the load necessary for receiving or delivering data. In fact, Event Hubs have a pretty short retention time for events (typically 24 hours to 7 days). However, data that goes onto an Event Hub is meant to be retrieved by something else. This is similar to the storage account methodology mentioned above. What I mean by this is Azure can dump data onto an Event Hub (via a service called Azure Monitor). I like to think of Event Hubs as a scalable, relatively short-term, message bus. Talking about standards, Event Hubs are the new standard for most Azure services. Just know that a source service could be configured to dump data into a separate storage account for retrieval. Storage accounts have their own security and retention mechanisms, but we won't get too much into the weeds here. ![]() Since storage accounts are a separate service than a VM, the data about the VM will live on even after you delete the VM. For example, if you want Virtual Machine event logs, Azure will dump those into a storage account you specify. Basically, Microsoft will dump data from a service into a separate storage location (called a storage account). ![]() This was the standard back in the day when Azure was introduced. There are 3 main ways Microsoft makes Azure data available. In this blog post, I'm going go over how Microsoft makes Azure data available, how to access the data, and out-of-the-box Splunk Add-Ons that can consume this data. With the growing list of Azure services and various data access methods, it can be a little cloudy (pun intended) on what data is available and how to get all that data into Splunk. If you're reading this, you're probably wondering how to get data from various Microsoft Azure services into Splunk. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |