![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 3%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,165 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @横田 大和 ,
The article you linked is about fetching from S3 to Sentinel and not the other way around. The Amazon Web Services S3 connector allows you to ingest AWS service logs to Sentinel, and it can ingest logs from various AWS sources. You need to use the connector to do this and the logs flow from AWS to Sentinel.
To query files from Microsoft Sentinel, you can use the Log Analytics agent. https://learn.microsoft.com/en-us/azure/sentinel/connect-custom-logs?tabs=DCG
You can use the Sentinel API with a Get request to query incidents, if this is what you were hoping to accomplish:
https://learn.microsoft.com/en-us/rest/api/securityinsights/But the connector isn't designed for bi-directional flow between Sentinel and S3.
If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar questions.