Each native operational cloud tool provide a tremendous value that many people don’t see when they start with the public cloud. Some of them are focus on provide a backup approach, other facilitate assessment or discovery of workloads to be migrate, even security or just watch up specific metrics or KPI. This is the case of Azure monitor, a holistic monitor tool to configure customize dashboards with the most important technologies you are working with daily.
Platform logs provide detailed diagnostic and auditing information for Azure access and use the Activity Log to determine the what, who, and when for any write operations (PUT, POST, DELETE) taken on the resources in your subscription.
Azure Active Directory logs contains the history of sign-in activity and audit trail of changes made in the Azure Active Directory for a particular tenant.
Resource Logs provide insight into operations that were performed within an Azure resource, for example getting a secret from a Key Vault or making a request to a database. The content of resource logs varies by the Azure service and resource type.
Send the Activity log to a Log Analytics workspace to enable the features of which includes the following:
1. Correlate Activity log data with other monitoring data collected by Azure Monitor.
2. Consolidate log entries from multiple Azure subscriptions and tenants into one location for analysis together.
3. Use log queries to perform complex analysis and gain deep insights on Activity Log entries.
4. Use log alerts with Activity entries allowing for more complex alerting logic.
5. Store Activity log entries for longer than 90 days.
Also great news!, no data ingestion or data retention charge for Activity log data stored in a Log Analytics workspace.
In the next post, we´ll explain how to monitor virtual machines and what is more important, applications and web services..
See you them…