ericOnline
Reputation: 1988
How to hook Log Analytics / Azure Monitor into role assignments?
Is there a way to hook Log Analytics or Azure Monitor into Role Assignments in order to capture when a new user/service principal/group is added to a Role for any resource within a tenant?
I'm looking for a log to tie alerts to. Something with a human readable DisplayName for both the user/sp/group and the resource its applied to.
Example:
Bob Smithwas assignedContributorrole to Storage Accountstg123in Resource Grouprgabc
Upvotes: 1
Views: 586
Answers (1)
Tiny Wang
Reputation: 16029
What @Satya provided, azure portal has activity logs and it is the most easy way to query role assignments in azure, and as @ericOnline said above, azure monitor also provides similar feature.
See details in : https://learn.microsoft.com/en-us/azure/role-based-access-control/change-history-report
Upvotes: 2
Related Questions
- Configure Azure monitor for application logs
- Azure Monitor alert on a custom metric filtered by cloud_RoleInstance
- Azure Log analytics - access control to view only specific applications
- How to extract Log-Data from Azure Log Analytics / Application Insights?
- User analytics in Azure
- Where to add Monitoring Reader role in Azure
- How to enable Custom Logs for Azure Log Analytics?
- Worker Role Tracing Logging
- Best way to monitor Azure Worker Role diagnostics?
- Getting Azure Logs from role process