title | description | author | ms.topic | ms.date | ms.service | ms.author | ms.collection |
---|---|---|---|---|---|---|---|
Dynatrace Audit Logs connector for Microsoft Sentinel |
Learn how to install the connector Dynatrace Audit Logs to connect your data source to Microsoft Sentinel. |
cwatson-cat |
how-to |
04/26/2024 |
microsoft-sentinel |
cwatson |
sentinel-data-connector |
This connector uses the Dynatrace Audit Logs REST API to ingest tenant audit logs into Microsoft Sentinel Log Analytics
This is autogenerated content. For changes, contact the solution provider.
Connector attribute | Description |
---|---|
Log Analytics table(s) | {{graphQueriesTableName}} |
Data collection rules support | Not currently supported |
Supported by | Dynatrace |
All Audit Log Events
DynatraceAuditLogs
| take 10
User Login Events
DynatraceAuditLogs
| where EventType == "LOGIN"
and Category == "WEB_UI"
| take 10
Access Token Creation Events
DynatraceAuditLogs
| where EventType == "CREATE"
and Category == "TOKEN"
| take 10
To integrate with Dynatrace Audit Logs make sure you have:
- Dynatrace tenant (ex. xyz.dynatrace.com): You need a valid Dynatrace Tenant, to learn more about the Dynatrace platform Start your free trial.
- Dynatrace Access Token: You need a Dynatrace Access Token, the token should have Read audit logs (auditLogs.read) scope.
Dynatrace Audit Log Events to Microsoft Sentinel
Enable Dynatrace Audit Logging. Follow these instructions to generate an access token.
For more information, go to the related solution in the Azure Marketplace.