Azure Batch Account connector for Microsoft Sentinel

Azure Batch Account is a uniquely identified entity within the Batch service. Most Batch solutions use Azure Storage for storing resource files and output files, so each Batch account is usually associated with a corresponding storage account. This connector lets you stream your Azure Batch account diagnostics logs into Microsoft Sentinel, allowing you to continuously monitor activity. For more information, see the Microsoft Sentinel documentation.

Connector attributes

Connector attribute | Description
Log Analytics table(s) | AzureDiagnostics (Batch Account)
Data collection rules support | Not currently supported
Supported by | Microsoft Corporation

Query samples

All logs

AzureDiagnostics
| where ResourceProvider == "MICROSOFT.BATCH"

Count By Batch Accounts

AzureDiagnostics
| where ResourceProvider == "MICROSOFT.BATCH"
| summarize count() by Resource

Prerequisites

To integrate with Azure Batch Account, make sure you have:

  • Policy: owner role assigned for each policy assignment scope

Vendor installation instructions

Connect your Azure Batch Account diagnostics logs into Sentinel.

This connector uses Azure Policy to apply a single Azure Batch Account log-streaming configuration to a collection of instances, defined as a scope. Follow the instructions below to create and apply a policy to all current and future instances. Note that you may already have an active policy for this resource type.
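
A check to run once the policy assignment has taken effect, added here as an example and not part of the original connector documentation: it lists every Batch account seen in AzureDiagnostics with its last record time and flags accounts that have gone quiet. The 7-day lookback and 24-hour staleness threshold are assumed values; adjust them to your environment.

```kusto
// Added example: per-account ingestion health for the Batch connector.
// Assumptions: lookback and staleAfter are illustrative thresholds.
let lookback = 7d;
let staleAfter = 24h;
AzureDiagnostics
| where TimeGenerated > ago(lookback)
| where ResourceProvider == "MICROSOFT.BATCH"
// One row per Batch account: newest record, volume, and which log categories arrive
| summarize
    LastLog = max(TimeGenerated),
    Events = count(),
    Categories = make_set(Category)
    by SubscriptionId, ResourceGroup, Resource
// Time since the account last sent anything
| extend SilentFor = now() - LastLog
| extend Status = iff(SilentFor > staleAfter, "stale", "streaming")
| order by SilentFor desc
```

An account that has never sent a record does not appear in the result at all, so compare the Resource column against your inventory of Batch accounts in the policy assignment scope.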

Next steps

For more information, go to the related solution in the Azure Marketplace.