Diagnostic settings for Blob storage

Somnath Shukla 411 Reputation points
2020-10-06T11:26:57.717+00:00

I want to enable diagnostic settings for Blob storage. I wanted to log the events at both container and blob level. I can do this using Classic diagnostic settings. Since this is going to get retired, I want to send the diagnostic logs to a Log Analytics workspace as I am doing for Key Vault and Service Bus.

  1. When I enable diagnostic settings under the activity log, I can only capture the events for containers (created/deleted), not for blobs. I have set it up as in the attached image using the Azure portal. How can I get the events for blobs also?
  2. I am trying to use Azure Terraform to enable the diagnostic settings for storage and am getting this error:

Error creating Monitor Diagnostics Setting "example" for Resource "/subscriptions/xxxx-xxxx/resourceGroups/vm/providers/Microsoft.Storage/storageAccounts/snscp": insights.DiagnosticSettingsClient#CreateOrUpdate: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" Message="Subscription 'xxxx-xxxx' is not whitelisted in the private preview of diagnostic log settings for Azure resource type 'microsoft.storage/storageaccounts', feature flag: 'microsoft.insights/diagnosticsettingpreview'."

resource "azurerm_monitor_diagnostic_setting" "example" {
  name                       = "example"
  target_resource_id         = data.azurerm_storage_account.example.id
  log_analytics_workspace_id = data.azurerm_log_analytics_workspace.log.id

  dynamic "log" {
    for_each = ["AuditEvent"]
    content {
      category = log.value
      enabled  = true
      retention_policy {
        enabled = false
      }
    }
  }
}

30414-image.png


Accepted answer
  1. deherman-MSFT 35,316 Reputation points Microsoft Employee
    2020-10-06T18:38:59.293+00:00

    @Somnath Shukla
    The error seems to indicate you are not enrolled in the preview. Per the Monitoring Azure Blob storage page, please fill this form to enroll in the preview. If you are still having issues after enrolling here, please let us know.

    -------------

    Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.

1 additional answer

  1. Somnath Shukla 411 Reputation points
    2020-10-07T03:40:35.623+00:00

    @deherman-MSFT I have requested the preview.
    Is it going to audit at container level or at blob level?
    I wanted to log who has created/deleted a blob.
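
A blob-level diagnostic setting in Terraform, added here as an example and not posted by anyone in this thread. It assumes the subscription can use storage resource logs and an azurerm provider release that supports `enabled_log` (older releases use the `log` block shown in the question); the `blobServices/default` sub-resource and the `StorageRead`/`StorageWrite`/`StorageDelete` categories come from Azure Monitor's storage resource logs, not from the thread, and the workspace name and its resource group are placeholders.

```hcl
# Added example, not code from the thread.
# Credentials and subscription come from the environment (for example ARM_SUBSCRIPTION_ID).
provider "azurerm" {
  features {}
}

# Storage account and resource group names as they appear in the error message above.
data "azurerm_storage_account" "example" {
  name                = "snscp"
  resource_group_name = "vm"
}

# Placeholder workspace name and resource group; replace with your own.
data "azurerm_log_analytics_workspace" "log" {
  name                = "example-workspace"
  resource_group_name = "example-rg"
}

# Blob resource logs are emitted by the blob service sub-resource,
# so the setting targets <storage account id>/blobServices/default
# rather than the storage account resource itself.
resource "azurerm_monitor_diagnostic_setting" "blob" {
  name                       = "blob-audit"
  target_resource_id         = "${data.azurerm_storage_account.example.id}/blobServices/default"
  log_analytics_workspace_id = data.azurerm_log_analytics_workspace.log.id

  # StorageWrite records blob and container creation, StorageDelete records
  # deletion, StorageRead records reads (the highest-volume category; remove
  # it from the list if only changes need to be audited).
  dynamic "enabled_log" {
    for_each = ["StorageRead", "StorageWrite", "StorageDelete"]
    content {
      category = enabled_log.value
    }
  }
}
```

Once applied, the entries arrive in the workspace's StorageBlobLogs table, where OperationName (for example PutBlob or DeleteBlob) together with the caller fields shows who created or deleted a blob.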