Monitoring Azure platform and services

The Azure Monitor Logs collects and organizes logs and performance data from monitored resources, including Azure services, virtual machines, and applications. This insight can be sent to ThreatLockDown using the Azure Log Analytics REST API or directly accessing the contents of an Azure Storage account.

This section explains the two ways to proceed, looking at the steps to follow in the Microsoft Azure portal and using the azure-logs module on the ThreatLockDown manager. The ThreatLockDown azure-logs module requires dependencies as well as the right credentials to access the logs. Take a look at the prerequisites section before proceeding.