Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,645 questions
logs are not parsing in the right format
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 40%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERJ%3C/text%3E%3C/svg%3E)
Rohit Jain
1
Reputation point
Trying to parse logs from azure to Qradar tool. But according to IBM QRadar team event format for the azure logs are incorrect. The event payload should contain the operationName or category and action_name parameters but I can't see these parameters in my logs.
Azure Monitor
Microsoft Security Microsoft Entra Microsoft Entra ID
25,081 questions
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 41%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
AnuragSingh-MSFT 21,546 Reputation points Moderator2022-03-25T02:36:56.707+00:00 @Rohit Jain , thank you for reaching out to us. Can you please share more details about this question., especially the following:
1. What kind of logs are being parsed from Azure to IBM QRadar? Is it from the Log Analytics Workspace?
2. Can you share some sample logs which are incorrect and what is expected? Please ensure to mask sensitive and PII data in the shared information.
3. Corresponding documentation, if available to help us get better insights.Please let me know if you have any questions.
-
AnuragSingh-MSFT 21,546 Reputation points Moderator
2022-03-28T06:09:10.157+00:00 @Rohit Jain , Did you have a chance to review the queries above. Please let me know if you have any questions. Thanks
-
AnuragSingh-MSFT 21,546 Reputation points Moderator
2022-03-30T03:54:00.967+00:00 @Rohit Jain , Following up to check if you had a chance to review my questions above. Please let me know if you have any questions.
Sign in to comment
Sign in to answer