Microsoft Azure Platform DSM specifications
When you configure the Microsoft Azure Platform DSM, understanding the specifications for the Microsoft Azure Platform DSM can help ensure a successful integration. For example, knowing what event format is supported before you begin can help reduce frustration during the configuration process.
| Specification | Value |
|---|---|
| Manufacturer | Microsoft |
| DSM name | Microsoft Azure Platform |
| RPM file name | DSM-MicrosoftAzurePlatform-QRadar_version-build_number.noarch.rpm |
| Supported versions | N/A |
| Protocol |
Microsoft Azure Event Hubs |
| Event format |
JSON |
| Recorded event types |
Platform level activity logs For more information about Platform level activity logs, see Azure Resource Manager resource provider operations (https://docs.microsoft.com/en-us/azure/role-based-access-control/resource-provider-operations). |
| Automatically discovered? | Yes Note: This DSM automatically discovers only Activity Log Events that are forwarded directly from the
Activity Log to the Event Hub.
|
| Includes identity? | No |
| Includes custom properties? | No |
| More information |
Microsoft Azure Information page (https://azure.microsoft.com/en-us/services/event-hubs) Microsoft Azure Portal (https://portal.azure.com) |