Creating a Custom Data Table I can apply transformations to?

Porter76 · ‎Jan 16 2024

I am going to configure a pipeline to push out AWS API GW logs to sentinel using S3 and lambda. In the past when I have used this same method, I am unable to create transformations on the custom data table or user DCR's.

How can I go about doing this so when I create the custom table I am able to create transformations and DCR's? There will be an enormous amount of data thats being sent so I need to be able to filter on only the data I need.

Thanks

‎Jan 17 2024

Did you first create the table and do you have any data that you can use with the transformation?

‎Jan 17 2024

I haven't created the table yet, I could pull sample data to upload and create the schema. When I try uploading the sample file though I just get upload error over and over

‎Jan 23 2024

Hi if you cannot add a transformation through the LAW > tables etc, then you can add a custom transformation to the DCR itself 🙂
This link goes more in depth on this here - https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/data-collection-transformations

Thats how i've gotten round not being able to add transformations to custom tables in the past

Hope that helps

Creating a Custom Data Table I can apply transformations to?

Creating a Custom Data Table I can apply transformations to?

Re: Creating a Custom Data Table I can apply transformations to?

Re: Creating a Custom Data Table I can apply transformations to?

Re: Creating a Custom Data Table I can apply transformations to?

Products (47)

Special Topics (23)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Creating a Custom Data Table I can apply transformations to?