Last active
November 12, 2023 13:34
-
-
Save jikuja/530042a78cf843e22f0f954a7fe43831 to your computer and use it in GitHub Desktop.
Azure Logging
- Schema for AzureDiagnostics table
- Categories
- Azure-provided table: https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/resource-logs-schema
Service | Notes | Schema link |
---|---|---|
Analysis Services | ||
Application Gateways | ||
Automation Accounts | ||
Azure Database for MariaDB servers | ||
Azure Database for MySQL servers | ||
Azure Database for PostgreSQL servers | ||
Azure Database for PostgreSQL servers v2 | ||
Batch accounts | ||
CDN profiles | ||
Cognitive Services | ||
Data Lake Analytics | ||
DataLake Storage Gen1 | ||
Device Provisioning Services | ||
Digital Twins | ||
Event Grid Topics | π | |
Event Hubs | π | |
ExpressRoute circuits | ||
Front Doors | ||
Integration accounts | ||
Key Vault | Might be soon AZKVAuditLogs table | π |
Kubernetes services | ||
Load balancers | ||
Logic Apps | ||
Media services | ||
Network interfaces | Only metrics | - |
Network Security Groups | See also1 for NSG flow logs | π |
P2S VPN Gateways | Check: VWAN component | |
Power BI Embedded | ||
Public IP addresses | π Wrong link? requires DDOS protection plan to log something |
|
Recovery Services vaults(Site Recovery) | ||
Search services | ||
Service Bus | ||
SQL databases | ||
SQL managed Instances | ||
SQL servers | ||
Stream Analytics jobs | ||
Traffic Manager profiles | ||
Virtual networks | No logs / Unused VM protection alerts category |
- |
Virtual network gateways | Regular VPN GW | π |
VPN Gateways | Check: VWAN component |
Service | Notes | Schema link |
---|---|---|
API Management Services | ||
Azure Cosmos DB | ||
Data factories (V2) | ||
IoT Hub | ||
Recovery Services vaults(Backup). | ||
Firewalls |
NSG flow logs can be periodically send to LAW table AzureNetworkAnalytics_CL
with Traffic Analytics
AzureNetworkAnalytics_CL
Schema- Example queries for
AzureNetworkAnalytics_CL
Footnotes
-
Network Security Groups is documented to use
AzureDiagnostics
table and event and rule counters are being logged into Log Analytics Workspace. β©
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment