To which service should you export the alerts?

Last Updated on November 14, 2021 by Admin

You have an Azure subscription that has Azure Defender enabled for all supported resource types.

You need to configure the continuous export of high-severity alerts to enable their retrieval from a third-party security information and event management (SIEM) solution.

To which service should you export the alerts?

  • Azure Cosmos DB
  • Azure Event Grid
  • Azure Event Hubs
  • Azure Data Lake