CIPP Stores its logs in Azure Tables, they currently provide a SAS token that provides read only access to these logs. It would be awesome to export the action logs into Huntress SIEM.