Microsoft Azure provides a suite of cloud computing services that allow organizations to deploy, manage, and monitor full-scale web applications. As the complexity of securing these applications increases, collecting and analyzing Azure platform logs becomes crucial for monitoring security and identifying potential threats. The logs are generated in three categories: Microsoft Entra ID reports detail changes made in Entra ID and login activity, Activity logs record operations performed on an Azure resource, such as creating a VM, Resource logs capture operations performed within an existing Azure resource. Each log type has unique fields that provide valuable information for tracking actions occurring in the environment. Understanding the organizational hierarchy of Azure resources is essential to properly interpreting and acting on those logs. Datadog can help organizations collect and monitor their Azure logs by providing automatic parsing and enrichment, cost-effective collection and archiving, built-in security and compliance analysis, and a user-friendly interface for visualizing log data and detecting security threats in real-time.