Create a single view of Azure and Private Cloud Data
Ensuring that all the data you collect from Azure is properly integrated into Splunk is a challenge that many companies encounter. While the Splunk Azure Monitor app does exist, it’s not supported by either Microsoft or Splunk. And it’s no secret that Splunk has developed the majority of its services with AWS in mind.
In response to this, we have created the Azure Event Hub Consumer TA (“ECTA) to flow Azure events into Splunk and the Eventhub Insights App to gain visibility into Eventhub performance metrics. These are completely free and readily available to anyone interested.

ECTA Architecture
- Deployment Flexibility – ECTA can be deployed in public or private or hybrid clouds (e.g. AWS, Azure, GCP) or on-premise network. ECTA cannot be deployed in Splunk Cloud because of the “garden wall” policy surrounding 3rd party libraries. However, you can connect to Splunk Cloud indexers with one of the afore-mentioned deployment options.
- ECTA deployment architecture does not impose any constraints on Azure Event Hub architecture
- Our User Guide goes into more detail related to Load Test and Data Flow Consumer side Architecture
- ECTA does not offer any load balancing features over and above Splunk Heavy forwarder best practices
Who are the Business Stakeholders interested in Azure Events?
Download Solsys Apps for Splunk
ECTA
The ECTA is a lightweight data stream processor
to consume any type of Azure Event Hub message.
The ECTA typically supports Operational, SIEM, IOT, Billing
and Multi-Cloud Use Cases.
Azure Event Hub Insights App
This Azure Event Hub Insights App provides
dashboards for understanding meta information
regarding data that is onboarded and information on your
default operational-insights-logs eventhub.
Fill out the form and we will email you the User Guide

* These fields are required.