The first step is identifying the event hub used to stream data from Defender for Cloud, to the system located behind the firewall.Įvent hub provides you with a way to ingest data and integrate with other Azure services, like Defender for Cloud. Verify data is being exported to the destination event hub.
Configure continuous export as a trusted service to use the destination event hub.Add the relevant role assignments on the destination event hub.
To configure Continuous export as a trusted service, you need to perform the following steps in sequence: How would you go about doing that? This article teaches you how to accomplish this scenario by configuring export as a trusted service. Imagine if the system you want to stream Microsoft Defender for Cloud data is located behind the firewall. This capability is called continuous export. Have you ever found yourself in a situation where you needed to stream Microsoft Defender for Cloud data to another system? Microsoft Defender for Cloud provides the option of streaming data like recommendations and security alerts, to a Log Analytics workspace, event hub, or another SIEM solution.