...
Table | Description |
|---|---|
Data from Event Hubs, VM Metrics, Entra ID, and other sources. | |
cloud.azure.service.type | For most Azure services, there is a separate table for each type of log associated with that service. |
cloud.azure.ad.* | Entra ID identity and access management logs. |
cloud.azure.ad.signin_all | This union table combines all the different Entra ID authentication logs. |
Authentication logs, including Entra ID and Azure SQL authentication. | |
Web activity, including Azure Application Gateway. | |
Firewall activity, including Azure Firewall | |
DNS activity, including Azure Firewall DNS Proxy. |
...