Skip to main content
Sumo Logic

Azure Audit

The Sumo Logic App for Azure Audit allows you to collect data from the Azure Activity Log (formerly known as Azure Audit logs) and monitor the health of your Azure environment. The App provides preconfigured Dashboards that allow you to monitor Active Directory activity, resource usage, service health, and user activity.  Logs can be collected in two ways - from Event Hub, and from Azure Insight API using Sumo Powershell scripts.

To use the App, perform the steps in the following sections.

To collect Azure Audit logs from Event Hub, you would first need to create an Event Hub, export activity logs to the Event Hub, create a Function App, define the required environment variables, and finally deploy the function.

Then finally, install the Sumo Logic App for Azure Audit.

Log Types

The Sumo Logic App for Azure Audit uses the following logs: