I already know that I can collect application logs into Azure application insight, and use a storage account streaming this data to event hub, but can splunk pull this data? if yes, how can I configure input in Splunk to do that.
If someone has a documentation about that it will be very helpful.
Yes, there are several apps and add-ons that are available to pull data from event hub.
have a look at this app:
Also,have a look at this detail documentation:
let me know if this helps!
@Koko12345678, out of curiosity ,
Any how you have application logs in Azure for long term storage , and may i know why again you want to index this data from AZure to Splunk ?( any specific requirement )
well i meant that you can monitor event hub data. so it could be anything this app monitors event hub.If you send application logs to event hub add-on will get data from event hub. you can give it a try.
Another approach is using HTTP event collector.
have a look at this link.