Azure Data Explorer
Overview
The Azure Data Explorer integration allows you to export Akto Agentic security activity data into an Azure Data Explorer (ADX) database. With the integration you can have centralised analytics, long-term storage, and correlation with other operational data already present in ADX.
Prerequisites
Azure Data Explorer Cluster and Database Details
You need an existing Azure Data Explorer cluster and database and should have the cluster endpoint and the database name for the cluster being integrated.
If an Azure Data Explorer cluster does not exist, you can create one in the Azure portal before continuing.
Azure App Registration
Akto uses an Azure App Registration for authentication with Azure Data Explorer.
Create a New App Registration
Open App registrations in the Azure portal.
Select New registration from the left navigation panel.
Enter a name for the application and set Supported account types to Accounts in this organisational directory only (Single tenant).
Select Register to create the application.
Generate Client Secret
Open the newly created App Registration.
Navigate to Certificates & secrets.
Create a new Client secret.
Copy the Client secret value after creation.
Navigate back to the application overview page.
Copy the following identifiers:
Application (Client) ID
Directory (Tenant) ID
Azure Data Explorer Access Permissions
The App Registration requires access to the Azure Data Explorer cluster being integrated. You should ensure that the registered application has permissions to write data into the target ADX database.
Steps to Integrate ADX in Akto
Open Integration Settings
Log in to the Akto dashboard.
Navigate to Settings → Integrations → Azure Data Explorer.
The Azure Data Explorer configuration form is displayed.
Configure the Integration
Enter the following values in the configuration form:
Cluster Endpoint
Database Name
Tenant ID
Application ID
Application Key (Client Secret)
Each value should match the Azure App Registration and Azure Data Explorer cluster configuration.
Save the Configuration
Select Save to complete the integration.
Akto validates the credentials and establishes connectivity with Azure Data Explorer.
Exporting Data to Azure Data Explorer
Open the Akto Atlas or Argus dashboard.
Navigate to Guardrails → Guardrail Activity.
Open the More actions menu in the top-right corner.
Select Export to ADX (Azure Data Explorer).
Akto exports the selected guardrail activity data to the configured Azure Data Explorer database.
How Data Looks in ADX Cluster
After the export completes, the guardrail activity data appears as structured records in the Azure Data Explorer database.
You can query the exported data using KQL to support investigation, monitoring, and reporting workflows within Azure Data Explorer.
Last updated