Collect logs from Azure

Hi.

Looking at this page: Microsoft Azure | InsightIDR Documentation

Here I see this information:
"When you configure Azure Event Hubs and consume data and logs through the Microsoft Azure event source, InsightIDR will:

* Collect Azure Active Directory events to offer ingress authentication and Single Sign-On (SSO) detections.
* Collect Azure Active Directory events to offer cloud service activity and cloud service admin activity.
* Collect Azure Monitor events to offer Azure Security Center alerts as a third-party alert. Read more about Azure Security Center here: Microsoft Defender for Cloud - CSPM & CWPP | Microsoft Azure"

How could you hook up services like Azure Firewall, Application Gateway, Azure SQL Databases, Azure KeyVault, Azure Kubernetes Service etc? (is it possible?)

Thanks!


You could perform the steps in Task 3 to get some events through the Azure Monitor.
If you want logging from the specific services you will need to stream their diagnostics data settings to your event hub that you connected in InsightIDR.
Within InsightIDR you can then enable the checkbox to enable unparsed data.
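As an added example (not part of the original thread or of Rapid7's documentation), here is a Bicep fragment that does what the answer above describes for one of the services asked about: it attaches a diagnostic setting to an existing Azure Firewall and streams its log categories to the Event Hub already connected to the InsightIDR Microsoft Azure event source. The firewall, namespace, hub and authorization-rule names are placeholder parameters, and the firewall and Event Hubs namespace are assumed to sit in the resource group the template is deployed to.

```bicep
// Added example: stream Azure Firewall diagnostic logs to the Event Hub that
// InsightIDR consumes. All names below are placeholders, not real resources.
param firewallName string = 'fw-placeholder'
param eventHubNamespaceName string = 'evhns-placeholder'
param eventHubName string = 'insightidr-hub'
// Authorization rule with at least Send rights on the namespace.
param eventHubAuthRuleName string = 'RootManageSharedAccessKey'

// Existing firewall in the deployment's resource group.
resource firewall 'Microsoft.Network/azureFirewalls@2023-05-01' existing = {
  name: firewallName
}

// Existing namespace and authorization rule; referenced only to obtain the
// rule's resource ID, which the diagnostic setting needs.
resource ehNamespace 'Microsoft.EventHub/namespaces@2021-11-01' existing = {
  name: eventHubNamespaceName
}
resource ehAuthRule 'Microsoft.EventHub/namespaces/authorizationRules@2021-11-01' existing = {
  parent: ehNamespace
  name: eventHubAuthRuleName
}

// The diagnostic setting is scoped to the firewall. Each enabled category is
// written to the hub; InsightIDR shows it as unparsed data unless the
// "unparsed data" option mentioned above is turned on for the event source.
resource firewallDiagnostics 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
  name: 'to-insightidr-eventhub'
  scope: firewall
  properties: {
    eventHubAuthorizationRuleId: ehAuthRule.id
    eventHubName: eventHubName
    logs: [
      { category: 'AzureFirewallApplicationRule', enabled: true }
      { category: 'AzureFirewallNetworkRule', enabled: true }
      { category: 'AzureFirewallDnsProxy', enabled: true }
    ]
    // Metrics are numeric counters, not security events; keep them out of the hub.
    metrics: [
      { category: 'AllMetrics', enabled: false }
    ]
  }
}
```

For the other services named in the question, swap the `existing` resource type and the log categories: Key Vault exposes `AuditEvent`, Application Gateway exposes `ApplicationGatewayAccessLog` and `ApplicationGatewayFirewallLog`, Azure SQL Database exposes `SQLSecurityAuditEvents`, and AKS exposes `kube-audit`.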