Microsoft.KeyVault/managedHSM supported Diagnostic Settings log categories
Wiliam Rocha
40
Reputation points Microsoft Employee
As per the Microsoft documentation (https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/resource-logs-categories#microsoftkeyvaultmanagedhsms), Microsoft.KeyVault/managedHSM support integration with diagnostic settings by logging AuditEvents, something like:
resource mhsmsDiagnosticSettings 'Microsoft.Insights/diagnosticSettings@2017-05-01-preview' = [for i in range(0, managedHSMCount): {
name: 'mhsm-diagnostics'
scope: mhsms[i] // array of Microsoft.KeyVault/managedHSMs@2021-10-01
properties: {
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
metrics: [
{
category: 'AllMetrics'
enabled: true
}
]
// https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/resource-logs-categories#microsoftkeyvaultmanagedhsms
logs: [
{
category: 'AuditEvent'
enabled: true
retentionPolicy: {
days: 5
enabled: true
}
}
]
}
}]
My question here is: do we have any plan to allow filtering the Audit Events allowed to log? Currently they are overloading my logs with a lot of stuff that I would like to ignore.
Sign in to answer