You are a global administrator in a company with Microsoft 365 E5 licenses assigned to your users.
You have onboarded Azure Sentinel as a cloud-based SIEM solution.
Where are the audit logs of Azure Sentinel maintained?
A. B. C. D.
Correct Answer: B
The Sentinel audit logs are maintained in Azure Activity Log.
You can add a data connector to stream the data from the Activity Log into Azure Sentinel in order to view and investigate it.
Option A is incorrect.
Sentinel Audit Logs are not maintained in a storage account.
Option C is incorrect.
Sentinel Audit Logs are not maintained in a key vault.
Option D is incorrect.
Sentinel workbooks are used to visualize and monitor your data.
To learn more about Azure Sentinel audit logging, please refer to the link below:
The audit logs of Azure Sentinel are maintained in the Azure Storage Account.
Azure Sentinel is a cloud-based SIEM (Security Information and Event Management) solution that provides intelligent security analytics and threat intelligence across enterprise networks. It is built on top of Azure Log Analytics and uses Microsoft's AI and machine learning capabilities to detect and respond to threats in real time.
Azure Sentinel collects and analyzes data from various sources, including Azure services, on-premises systems, and other cloud environments. It ingests data from sources such as Azure Activity Logs, Azure Security Center, Azure Active Directory, and Microsoft Defender ATP, among others.
Azure Sentinel stores the collected data in an Azure Storage Account. The data is then processed by the Azure Sentinel service, which uses advanced analytics and machine learning algorithms to identify and prioritize security incidents.
Azure Storage Account is a highly scalable and secure storage solution that is designed for storing and managing large amounts of unstructured data. It provides a reliable and cost-effective way to store and manage data, and it can be easily integrated with other Azure services.
In summary, the audit logs of Azure Sentinel are maintained in the Azure Storage Account, which is a highly scalable and secure storage solution designed for storing and managing large amounts of unstructured data.