Is it possible to create and enable diagnostic setting at subscription level/scope using Azure Powershell?

Bruno Silva 86 Reputation points
2021-03-30T20:27:08.367+00:00

Hey guys,

I need to create and enable a diagnostic setting at subscription level rather than resource level.

Azure CLI has the command az monitor diagnostic-settings subscription create that allows me to achieve that by passing the subscription ID as parameter.

But I cannot found an Azure Powershell equivalent. The Set-AzDiagnosticSetting does not allow pass the subscription ID. Instead, it accepts only the full resource ID.

When I try to use the following command, I get the error Set-AzDiagnosticSetting: Exception type: ErrorResponseException, Message: Null/Empty, Code: Null, Status code:NotFound, Reason phrase: Not Found:

$subsId = Get-AzContext | Select-Object Subscription
New-AzOperationalInsightsWorkspace -Name $workspaceName -ResourceGroupName $rgName -Location $region -Sku "Standard"
$workspaceId = Get-AzOperationalInsightsWorkspace -Name $workspaceName -ResourceGroupName $rgName | Select-Object ResourceId
$log = New-AzDiagnosticDetailSetting -Log -RetentionInDays 90 -Category Administrative -RetentionEnabled -Enabled
$setting = New-AzDiagnosticSetting -Name $dsName -WorkspaceId $workspaceId -TargetResourceId $subsId.Subscription.Id -Setting $log
Set-AzDiagnosticSetting -InputObject $setting

Have anyone already faced this issue? I appreciate any help.

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,797 questions
0 comments
Accepted answer
  1. SwathiDhanwada-MSFT 17,326 Reputation points
    2021-04-05T07:49:41.48+00:00

    @Bruno Silva The requested feature to create diagnostic settings for subscription will be released as part of S185 milestone and you can set diagnostic settings using below snippet after the release is available to the customers. 

    $list = @()  
Get-AzSubscriptionDiagnosticSettingCategory | ForEach-Object {  
$list += (New-AzDiagnosticDetailSetting -Log -Category $_.Name -Enabled)  
}  
$DiagnosticSettingName = 'please use your setting name here'  
$SubscriptionId = 'please use your subscription Id here'  
$WorkspaceId = 'please use your workspace Id here'  
$setting = New-AzDiagnosticSetting -Name $DiagnosticSettingName -SubscriptionId $SubscriptionId -WorkspaceId $WorkspaceId -Setting $list  
Set-AzDiagnosticSetting -InputObject $setting

    Reference GitHub issue : https://github.com/Azure/azure-powershell/issues/13066#issuecomment-806314270

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Stanislav Zhelyazkov 21,021 Reputation points MVP
    2021-03-31T07:20:10.167+00:00

    Hi,
    If the command does not support that you can easily have that functionality in both PS and CLI by just using ARM template deployments. Here you will find such example.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments