Reputation: 1185
Audit events in Azure Storage Account
When making changes to Containers, File Shares, Queues, Tables in a Storage Account, no audit of it is shown in the "Audit logs" section.
Is there a flag/setting that enables audit log tracing for Storage Accounts?
Example audit log, after making numerous actions in the Storage Account, by UI and by CLI:
Upvotes: 1
Views: 4180
Answers (1)
Reputation: 136126
When making changes to Containers, File Shares, Queues, Tables in a Storage Account, no audit of it is shown in the "Audit logs" section.
This is expected behavior. Activity Logs (formerly known as Audit Logs) logs activities that has happened over control plane which includes operations like creation/deletion of storage accounts, regeneration of account keys etc. Creation/updation/deletion of blob containers, tables, shares etc. come under data plane which are not captured by these logs. To see these activities, you would need to make use of Storage Analytics especially Storage Analytics Logs.
Is there a flag/setting that enables audit log tracing for Storage Accounts?
No. You need to make use of Storage Analytics Logs to see these activities.
Upvotes: 2
Related Questions
- Azure Table Storage: Capture all table activity for compliance purposes
- Diagnostic Logs (Storage) not showing up in Azure Storage Account
- Detailed logging in azure storage account?
- What events are tracked in Azure Sql audit Logs
- Auditing Azure File Storage Service
- How to store audit data in Azure
- How to manage the Azure Audit Logs
- Auditing SQL Azure
- How to log messages to the Windows Azure Storage?
- Auditing rows added to Azure table storage