elasticmachine
commented
3 years ago Pinging @elastic/integrations-platforms (Team:Platforms)
Closed smartkathycat closed 3 years ago
elasticmachine
commented
3 years ago Pinging @elastic/integrations-platforms (Team:Platforms)
narph
commented
3 years ago @smartkathycat you mean nsg flow logs right? We have an enhancement issue opened regarding adding support for azure blob storage input which could help in this case https://github.com/elastic/integrations/issues/403. A workaround atm would be to make use of the azure function built by the Microsoft team https://github.com/microsoft/AzureNetworkWatcherNSGFlowLogsConnector that can parse and transfer those logs to an event hub where they can be picked up by our azure-eventhub input in Filebeat or Logstash.
masci
commented
3 years ago @smartkathycat I'm closing as there's a workaround for this and we have https://github.com/elastic/integrations/issues/403 to track the work on blob storage support. Feel free to reopen or follow up on https://github.com/elastic/integrations/issues/403 should you have any issue.
Describe the enhancement:
Describe a specific use case for the enhancement or feature: Users would like to use filebeat to pull NSG logs from Azure blobs. Currently there are only a subset of features are supported for Azure compared to AWS.