# Module: azure
# Docs: https://www.elastic.co/guide/en/beats/filebeat/7.x/filebeat-module-azure.html

- module: azure
  # All logs
  activitylogs:
    enabled: true
    var:
      # eventhub name containing the activity logs, overwrite he default value if the logs are exported in a different eventhub
      eventhub: "insights-operational-logs"
      # consumer group name that has access to the event hub, we advise creating a dedicated consumer group for the azure module
      consumer_group: "$Default"
      # the connection string required to communicate with Event Hubs, steps to generate one here https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-get-connection-string
      connection_string: ""
      # the name of the storage account the state/offsets will be stored and updated
      storage_account: ""
      # the storage account key, this key will be used to authorize access to data in your storage account
      storage_account_key: ""

  platformlogs:
    enabled: false
  #  var:
  #    eventhub: ""
  #    consumer_group: "$Default"
  #    connection_string: ""
  #    storage_account: ""
  #    storage_account_key: ""


  auditlogs:
    enabled: false
 #   var:
 #     eventhub: "insights-logs-auditlogs"
 #     consumer_group: "$Default"
 #     connection_string: ""
 #     storage_account: ""
 #     storage_account_key: ""
  signinlogs:
    enabled: false
 #   var:
 #     eventhub: "insights-logs-signinlogs"
 #     consumer_group: "$Default"
 #     connection_string: ""
 #     storage_account: ""
 #     storage_account_key: ""