Create Log Streaming Report Definitions

Create a Log Streaming report to view data about the logs streamed to an external SIEM server such as Microsoft Azure.

You can create a report for the current month, previous month, or the entire period of the data transfer. The report contains the log stream name, the type of log forwarded, such as audit log, sessions log, or security events, and the amount of data forwarded to the external SIEM server.

Before You Begin

Read the Reports Overview topic.
Review the Reports main page for an understanding of your current data set. See Report Definitions Main Page Fields for the field descriptions.

Select Monitor > Reports > Report Definitions.
Click Create, and select Log Streaming Report.
The Create Log Streaming Report Definition page is displayed.

Complete the configuration according to the guidelines provided in Table 1.

Table 1: Log Streaming Report Definition
Settings	Guidelines
General
Report Name	Enter a unique string for the report name containing maximum 64 alphanumeric characters. The name can contain dashes (—).
Description	Enter a description containing maximum 900 characters for the report.
Content
Report Type	Select a report duration. Current Month Usage Last Month Usage Historical Usage—Generate the report for the entire period of data transfer except current month.
Schedule
Report Schedule	Click Add Schedule, and select the type of report schedule. Run now Schedule at a later time
Email Section
Email Recipients	Enable this option to send the report to specific recipients in an email. Recipients—Enter the e‐mail addresses of the recipients. You can search for the e-mail addresses of the users by their first name. You can also enter external email addresses. Subject—Enter the subject for the e‐mail notification. Comments—Enter the comments for the e‐mail notification.

Click OK.

A new log streaming report definition with the defined configurations is created.

Create Log Streaming Report Definitions

Related Documentation