Microsoft.KeyVault/managedHSM supported Diagnostic Settings log categories

Wiliam Rocha 40 Reputation points Microsoft Employee
2023-03-01T15:23:37.62+00:00

As per the Microsoft documentation (https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/resource-logs-categories#microsoftkeyvaultmanagedhsms), Microsoft.KeyVault/managedHSM supports integration with diagnostic settings by logging AuditEvents, something like:

resource mhsmsDiagnosticSettings 'Microsoft.Insights/diagnosticSettings@2017-05-01-preview' = [for i in range(0, managedHSMCount): {
  name: 'mhsm-diagnostics'
  scope: mhsms[i] // array of Microsoft.KeyVault/managedHSMs@2021-10-01
  properties: {
    eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
    eventHubName: eventHubName
    metrics: [
      {
        category: 'AllMetrics'
        enabled: true
      }
    ]
    // https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/resource-logs-categories#microsoftkeyvaultmanagedhsms
    logs: [
      {
        category: 'AuditEvent'
        enabled: true
        retentionPolicy: {
          days: 5
          enabled: true
        }
      }
    ]
  }
}]

My question here is: do we have any plan to allow filtering the Audit Events allowed to log? Currently they are overloading my logs with a lot of stuff that I would like to ignore.
