Hey @allen schroers
You can most definitely ship logs to a remote location, provided you have access to the relevant configuration areas & your SIEM Supports shipping. The following links should provide some context.
Azure AD activity logs in Azure Monitor
Create diagnostic settings to send platform logs and metrics to different destinations
Cheers,
James
If my answer helped your problem, please select mark as answer.