![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(259.20000000000005, 89%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKV%3C/text%3E%3C/svg%3E)
2,614 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 28.000000000000004%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
Review Monitor container registry
Azure Monitor is used to monitor all instances of the ACR registries. It gathers ACR metrics such as push and pull operations.
The Diagnostic Settings on the production ACR instances is configured to stream the resource logs of category ContainerRegistryLoginEvents and ContainerRegistryRepositoryEventsLogs - Supported resource logs for Microsoft.ContainerRegistry/registries
Based on this Registry operations by Microsoft Defender for Cloud, If resource logs are collected for your registry, you'll see registry login events and image pull events generated by Microsoft Defender for Cloud.
Table reference https://learn.microsoft.com/en-us/azure/azure-monitor/reference/tables/containerregistryrepositoryevents for ContainerRegistryRepositoryEvents.
If you find the answer above helpful, please Accept the answer to help anyone in the community who might have a similar question to quickly find the solution.