Reputation: 1586
Unable to link storage account to Log analytics workspace
We are using fluentbit to output application logs to a Azure log analytics workspace. The application log does appear in the workspace as a table under the Logs blade, Custom Logs category. So far so good.
Due to the maximum retention period of the Log analytic workspace limited to 730 days, I thought linking a storage account to type Custom logs & IIS logs under the Linked storage accounts would solve the problem for me. My understanding is once a storage account is linked to type Custom logs & IIS logs, all Custom Logs will be written into the nominated storage account instead of the default storage account that comes with the creation of the Log analytics workspace. Is this understanding correct?
Secondly, after clicking on the Custom logs & IIS logs item, and selecting a storage account from the Pop-up blade on the left hand side, Azure Portal reported a message Successfully linked storage account . However, the Linked storage accounts view still reports No linked storage accounts.
Browsing the target storage account, no log seems to be written to the storage account.
Updates 1
Storage account network configuration.
Updates 2
The answer is accepted as it is technically correct. However, a few steps/details are missing in the documentation. In order to, map a customer storage account to a LA Workspace, one must build resources to match the following diagram. 
- Create a AMPLS resource.
- Link the AMPLS resource to your LA workspace.
- Create private endpoint on the target vnet for the AMPLS resource
- Create storage account.
- Create print endpoints (blob type) on the target vnet
- Link the storage account to the LA workspace.
Upvotes: 2
Views: 2162
Answers (1)
Reputation: 1301
We need to follow few prerequisites before linking the storage account to the workspace.
Storage account should be in the same region as log analytics workspace.
Need to give permissions for other services to allow accessing the storage account.
Allow Azure Monitor to access the storage account. If you chose to allow only select networks to access your storage account, you should select the exception: “Allow trusted Microsoft services to access this storage account”
For rest of the configuration information refer to MS Docs.
By following the above documentation, I can link the storage account successfully as below:
Upvotes: 1
Related Questions
- Valid authentication was not provided
- Log-analytic workspace is not supporting for ubuntu 22 version
- How to read application log files from Azure Storage on Log Analytics
- Connecting storage account datalake 2 to log analytics workspace
- How to connect existing Automation Account and Log Analytics workspace in Azure?
- Searching Storage Account with Azure Log Analytics
- Unable to link existing workspace in Azure log analytics
- unable to connect azure resources to log analytics
- Azure Log Analytics 403 error
- Log4net log to Azure Storage Account