![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(179.20000000000002, 15%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAR%3C/text%3E%3C/svg%3E)
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,037 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 98%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESI%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 43%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
@Ankita Rani Patro - Thanks for reaching out to us.
To create a log analytics report for resource changes that were done manually, you can use the Azure Monitor Change Analysis feature.
Here are the steps to create a log analytics report for resource changes that were done manually:
Go to the Azure portal and navigate to the Log Analytics workspace that you want to use for the report.
Click on "Logs" in the left-hand menu.
In the query editor, enter the following query:
AzureActivity
| where OperationNameValue == "Microsoft.Resources/deployments/write"
| where ActivityStatus == "Succeeded"
| where ResourceProviderValue == "Microsoft.Resources"
| where ResourceGroup != ""
| where Caller != ""
| where DeploymentName != ""
| where DeploymentStatus == "Succeeded"
| where DeploymentScope == "ResourceGroup"
| where DeploymentType == "Incremental"
| where DeploymentTemplateLink.uri != ""
| where DeploymentTemplateLink.uri contains "https://management.azure.com/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/deployments/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/subscriptions/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/resourceGroups/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/providers/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/policyDefinitions/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/policyAssignments/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/links/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/tags/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/managedBy/"
| where DeploymentTemplateLink.uri !contains "/providers/Microsoft.Resources/aliases/"
| project TimeGenerated, Caller, ResourceGroup, DeploymentName, DeploymentTemplateLink.uri
This query will return a list of all successful deployments that were done manually.
Click on "Run" to execute the query.
Once the query has finished running, click on "Export" and select "CSV" to export the results to a CSV file.
Hope this helps. and please feel free to reach out if you have any further questions.
If the above response was helpful, please feel free to "Accept as Answer" and click "Yes" so it can be beneficial to the community.