Integrate Azure Active Directory logs with SumoLogic using Azure Monitor

In this article, you learn how to integrate Azure Active Directory (Azure AD) logs with SumoLogic using Azure Monitor. You first route the logs to an Azure event hub, and then you integrate the event hub with SumoLogic.

Prerequisites

To use this feature, you need:

Steps to integrate Azure AD logs with SumoLogic

  1. First, stream the Azure AD logs to an Azure event hub.

  2. Configure your SumoLogic instance to collect logs for Azure Active Directory.

  3. Install the Azure AD SumoLogic app to use the pre-configured dashboards that provide real-time analysis of your environment.

    Dashboard

Next steps