This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
Cloud platforms
Questions about AWS, Azure, and Google Cloud Platform.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Azure Activity Logs: mapping entities for Davis Events

michiel_otten
Champion

‎08 May 2026 08:17 AM

I’m currently ingesting Azure Activity Logs through the native Azure integration into the platform. The logs are arriving correctly, but I’m trying to trigger events based on entities such as azure.subscription.

The challenge I’m running into is within OpenPipeline: I can’t seem to find or map a valid dt.source_entity value from the incoming Azure Activity logs. Currently my Davis Events all trigger against the environment.

What I’m trying to achieve is something along the lines of:

  • Azure Activity Log arrives
  • Extract/map the Azure Subscription entity
  • Trigger events/workflows against that entity

Has anyone successfully implemented this mapping before?
If so:

  • Which field did you map to dt.source_entity? (if possible)
  • Are there any best practices for Azure Activity Log entity enrichment?

Any examples or guidance would be appreciated. Thanks!

#Performance matter!
0 Kudos
Reply
0 REPLIES 0
Ask a question

Featured Posts