I'm tasked by my company to integrate "Azure audit logs" for some important services, e.g. virtual machines and Azure activity logs.
I'm new to the whole Azure technology, and I'm doing my best to get it done.
So far, I have set up the "virtual machine Linux diagnostic agent" using
https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/diagnostics-linux
The output in JSON is given in the link here:
https://jmp.sh/Xbs1SXg
My objective is to get those events read / processed by "Event Hubs". In the JSON, I see no mention of a "sinks" or "eventhub" entry. I don't know where this data is shipped.
I have created an event-hub workspace and instance, but I don't know how to connect the two.
I'm attaching some of the errors I'm getting on the "export template tab".
Thank you!