I'm planning to migrate all my logs from Splunk indexers to a different location for retention purposes. I'm considering using Azure Blob Storage for this. Is it possible to store my logs there and still query them when needed? I appreciate any insights on this!
2 Answers
Unfortunately, Azure Blob Storage is primarily for storing files, so you can't really query them directly like you would in a database. It's just a storage solution without built-in querying capabilities. However, if you're dealing with specific file formats, you can use additional tools to help access and query that data.
Have you considered using Azure Data Explorer? It's a service that's designed for analyzing large volumes of data and could be a perfect fit for your use case. You'd get both storage and powerful querying capabilities all in one place!
Exactly! Just keep in mind that you'll need to incorporate those tools into your workflow for querying. It's not as straightforward as querying a database.