While exporting Activity logs using diagnostic setting , is there a way to have different logs categories configured for different workloads within the same subscription?

Sudhamayi Oruganti 20 Reputation points
2023-04-18T09:41:10.2333333+00:00

As per the documentation, Activity logs export configuration is applicable at subscription level. Is there a way to configure different Activity Log export configurations for different workloads within the same subscription? Ex: For my dev workloads I just need "Security" category of logs to be exported and for another set of workloads I need "Security" as well as "Administration". To be precise is there a way to customize configuration per resource ?

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
2,871 questions
{count} votes

Accepted answer
  1. Tech-Hyd-1989 5,751 Reputation points
    2023-04-18T09:51:25.79+00:00

    Hello Sudhamayi Oruganti

    Yes, you can customize the Activity Log export configuration per resource by using Azure Resource Manager tags. You can create tags for your resources and then use those tags to filter and export specific categories of Activity Logs.

    Here's an example of how to configure the export of Activity Logs for a specific set of resources:

    1. Create a tag for your resources. For example, you can create a tag named "LogExport" with a value of "Security" for the resources that only require Security logs to be exported, and a value of "Administration" for the resources that require both Security and Administration logs to be exported.
    2. In the Azure portal, navigate to the Activity Log Export settings and create a new export configuration.
    3. In the filter section, select "By resource tag" and then select the tag you created in step1.
    4. In the category section, select the categories of logs you want to export. For example, if you created a tag with a value of "Security", you can select only the "Security" category of logs to be exported.
    5. Save the export configuration.

    Repeat this process for each set of resources that requires a different export configuration. Keep in mind that this method will only export logs for the resources that have the specified tag, so make sure to tag all the resources that require a specific export configuration.

    Please don’t forget to Accept Answer and Yes for "was this answer helpful" wherever the information provided helps you, this can be beneficial to other community members.


0 additional answers

Sort by: Most helpful