Hi,
As I have mentioned in another thread this probably refers to Activity logs. Activity logs are the audit logs for Azure management plane operations. You probably can use these policies:
- Configure Azure Activity logs to stream to specified Log Analytics workspace
- Azure Monitor should collect activity logs from all regions
- Azure subscriptions should have a log profile for Activity Log
- Activity log should be retained for at least one year
There is no policy covering the export to event hubs but you can make such by modifying the storage account one. Instead of storage account target it will be event hubs target.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.