Part 1What is Log Analytics?What is the Activity Log?Two methods for ingesting Activity Log Data into Log AnalyticsOption #1 - Old/Current Method Being Deprecated where you go into your Log Analytics Workspace and hook the Activity Log directly into the workspaceOption #2 - New Method leveraging Activity Log Diagnostic SettingsPart 2Leverage Kusto Query … [Read more...] about Retrieving Activity Log Data from Azure Log Analytics – Part 3
Log Analytics
Retrieving Activity Log Data from Azure Log Analytics – Part 2
Part 1What is Log Analytics?What is the Activity Log?Two methods for ingesting Activity Log Data into Log AnalyticsOption #1 - Old/Current Method Being Deprecated where you go into your Log Analytics Workspace and hook the Activity Log directly into the workspaceOption #2 - New Method leveraging Activity Log Diagnostic SettingsPart 2Leverage Kusto Query Language … [Read more...] about Retrieving Activity Log Data from Azure Log Analytics – Part 2
Retrieving Activity Log Data from Azure Log Analytics – Part 1
OverviewEver wonder how to go about retrieving Activity Log Data from Azure Log Analytics? Perhaps you want to create a shared dashboard that shows you Virtual Machine creations from the Activity Log. Or perhaps instead of a shared dashboard you want to ingest this data into a custom PowerShell Object that can then be exported to a CSV, an HTML file, etc...? This article … [Read more...] about Retrieving Activity Log Data from Azure Log Analytics – Part 1
Increasing Azure Log Analytics Retention Per Data Type
On October 8th, 2019, Microsoft announced the support of increasing retention independently per data type. What this means, is that if you want to collect 6 months worth of log data for the SecurityEvent Log, you can do so independently of the retention period for other data types. The official documentation on that is here: … [Read more...] about Increasing Azure Log Analytics Retention Per Data Type
Monitor Azure Virtual Machine Deletes and Creations with Log Analytics
Update (3/6/2020): There is a new method of ingesting Activity Log data into your Log Analytics Workspace. Please see this article series I wrote here for more information. The new article series discusses using the method outlined in this article as well as the new method, differences between the two, how to utilize a new Kusto Query to pull output from both methods as well as … [Read more...] about Monitor Azure Virtual Machine Deletes and Creations with Log Analytics
