Sentinel - extract logs RRS feed

  • Question

  • Sentinel will keep the logs files for 90 days, but I want to then archive them. Is there an API in which I can use to archive the logs into Storage Blobs in another location. 
    Wednesday, November 13, 2019 4:02 PM

All replies

  • You can use "Log Analytics API" to export your data from your log analytics store to another location.  Please refer to this blog which talks about exporting log analytics data to a blob store.  Other documents you can refer to are - 

    Wednesday, November 13, 2019 6:08 PM
  • Hello Cairn23,

    Hope you are doing great. I am just following up on this request in case the information provided in the post helped. Please do mark it as answer in case the information provided helped you so that its relevancy increases and it helps people searching for similar queries . In case if you have any further queries on this , please do let us know and we will be happy to help . 

    Thank you. 

    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!!

    Wednesday, November 20, 2019 4:04 PM
  • Please let us know if you were able to resolve the issue from the replies before. If you still have more questions please let us know with some additional information regarding your question and we'll try to resolve it. It may require additional support escalation if we are unable to resolve this on this msdn thread. 

    If there's no more follow ups in regards to this, I will be marking an answer as answer. If you feel your question has not been answered please let us know anymore pending asks and we can try to follow up accordingly. 


    - Frank H.

    Tuesday, November 26, 2019 8:04 PM
  • Please remember to mark one of the responses as answer if your question has been answered. If not please let us know if there are anymore questions. Also please remember to post future questions on the new Q&A Forums here : https://docs.microsoft.com/answers/index.html Thanks

    Wednesday, December 11, 2019 7:08 PM