Umang Pachaury
Reputation: 41
Azure Microsoft Entra Id integration with Elastic Fleet
We need to fetch Microsoft Entra Id SignIn logs using integration with Elasticsearch fleet. We've added its respective integration under a policy and provided required values. The integration is shown as "Healthy" within Elasticsearch Fleet Agnet details section.
The policy is configured to send logs to logstash from where its collected at Elasticsearch. Agent logs and metrics are being fetched but Azure Signin logs are not showing.
From Azure side, Azure Event Hub is added and logs are showing inside as Incoming messages, but these logs are not being received at Elasticsearch side.
Any inputs regarding this will be helpful. Also suggest on how can we see Elastic Agent logs for further debugging.
Regards
Upvotes: 0
Views: 34
Answers (0)
Related Questions
- How to use the elastic-agent container to collect service logs from another container?
- Fleet integration for Barracuda Firewall logs
- elastic-agent is not collecting data
- Trouble running Elastic agent in a Kubernetes deployment with official Docker image
- How to do some pre-processing of custom logs before indexing in elastic search?
- pushing data from logtsash to elasticserach