Sign-in Logs no longer being sent to Eventhub

Gord Taylor 0 Reputation points
2024-08-20T22:20:43.3766667+00:00

I've been using Elastic Cloud to retrieve Sign-in logs from AzureAD since December/2023 without any issues. Suddently on Aug 15th, I stopped receiving events (though I am getting other event types of logs suck as provisioning). I also see a commensurate drop in events going into the eventhub, so I'm confident it's not an Elastic issue.

No changes have been make, and I've also confirmed the eventhub connections string is correct (as I mentioned, I am seeing other logs to that eventhub), and I tried disabling/enabling the delivery to eventhub in case there was something corrupted on the back-end, but the logs still aren't getting to eventhub. Also, no outages or degredation in the Canadian Central.

Anyone else seeing similar issue? I'm not sure what else to troubleshoot.

Thanks,

Gord T.

Azure Event Hubs
Azure Event Hubs
An Azure real-time data ingestion service.
648 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.