Azure Microsoft Defender Endpoint: How to Integrate or Stream Logs to Azure Log Analytics Workspace

Arnold Reddy 0 Reputation points
2024-07-30T00:51:02.96+00:00

I'm having trouble finding articles on how to stream/connect logs from Microsoft Defender for Endpoint to a new Log Analytics Workspace in the same tenant. Most solutions I've found show Defender for Cloud, but we're using Microsoft Defender for Endpoint and need to send logs to a Log Analytics Workspace in the same tenant in Part 1, then to another LA workspace in another tenant for Part 2. I think Log Ingestion API could be the solution, but I'm looking for examples or usable tutorials. Can anyone share some information or advice?
