The challenge
Send every log where it belongs
Security data often needs to go to multiple destinations: SIEM, analytics platforms, and storage. Without a unified system, teams rely on scattered scripts and manual integrations, leading to errors, duplicated data, and rising costs. Routing decisions are often inflexible, making it hard to adapt pipelines as requirements change.
The Solution
DataStream – intelligent security telemetry pipeline
Context-driven routing
Routing decisions are driven by security context – source type, dataset, severity, and normalized fields. This ensures that logs are consistently directed to the right destinations: critical alerts – into SIEM, audit trails – into storage, and aggregated data – into analytics platform.
Multi-destination delivery
DataStream can send the same log to detection, analytics, and compliance systems in parallel, without duplication or extra effort.
Adaptive policies
Routing rules can be updated instantly without downtime. Policies adapt to changes in infrastructure, detection needs, or compliance requirements, keeping pipelines flexible and future-ready.
Sentinel-first routing
DataStream is built with Microsoft Sentinel at its core. It automatically maps incoming telemetry to the correct Sentinel data models and creates DCRs without manual configuration and custom pipelines.
Key benefits
Why this approach works
Supported environments
One platform, no puzzle to assemble
DataStream’s ready-to-use vendor packs eliminate manual setup, so you don’t need custom scripts or multiple tools just to route data to the right destination.
Frequently asked questions
Does routing introduce latency?
Routing happens inside the streaming engine with sub-millisecond overhead.
How does routing help with compliance?
Compliance-relevant data can be automatically routed to secure, long-term storage with audit-ready guarantees and timestamp integrity.
Can routing rules be changed on the fly?
Yes. Policies can be adjusted dynamically without downtime or disruption to pipelines.
Do we need scripts or third-party tools to manage routing?
No. Routing policies are defined in DataStream’s low-code/no-code interface, so you can configure them without maintaining custom scripts.
Get DataStream on Azure Marketplace
Deploy DataStream in minutes with Azure Managed Identity support built in. No credential management, no manual setup.