Dynatrace Audit Logs connector for Microsoft Sentinel
This connector uses the Dynatrace Audit Logs REST API to ingest tenant audit logs into Microsoft Sentinel Log Analytics
Connector attributes
| Connector attribute | Description |
|---|---|
| Log Analytics table(s) | {{graphQueriesTableName}} |
| Data collection rules support | Not currently supported |
| Supported by | Dynatrace |
Query samples
All Audit Log Events
DynatraceAuditLogs
| take 10
User Login Events
DynatraceAuditLogs
| where EventType == "LOGIN"
and Category == "WEB_UI"
| take 10
Access Token Creation Events
DynatraceAuditLogs
| where EventType == "CREATE"
and Category == "TOKEN"
| take 10
Prerequisites
To integrate with Dynatrace Audit Logs make sure you have:
- Dynatrace tenant (ex. xyz.dynatrace.com): You need a valid Dynatrace Tenant, to learn more about the Dynatrace platform Start your free trial.
- Dynatrace Access Token: You need a Dynatrace Access Token, the token should have Read audit logs (auditLogs.read) scope.
Vendor installation instructions
Dynatrace Audit Log Events to Microsoft Sentinel
Enable Dynatrace Audit Logging. Follow these instructions to generate an access token.
Next steps
For more information, go to the related solution in the Azure Marketplace.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for