Enabling Diagnostics setting in Azure Key vault

Shivam Singh 220 Reputation points
2024-03-13T08:29:06.66+00:00

While enabling Diagnostic setting in my Key vault, I have two option to store the logs workspace and storage account. few questions

  1. If I choose storage account to store the logs, will I be able to run KQL queries on key vault ? will the stored logs be accessible?
  2. The logs will be there in the storage account till I manually delete them, there is no retention period here?
  3. Why should I go for LA workspace.
Azure Key Vault
Azure Key Vault
An Azure service that is used to manage and protect cryptographic keys and other secrets used by cloud apps and services.
1,287 questions
Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,276 questions
Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,174 questions
0 comments No comments
{count} votes

Accepted answer
  1. Arjun Karthikeyan S 155 Reputation points
    2024-03-13T08:49:43.21+00:00

    Hi Shivam Singh,

    Good day,

    Answer to your question 1: No, you will not be able to run KQL queries on key vault. But you can access the stored logs using various tools like Azure Monitor or Azure Storage Explorer.

    Answer to your question 2: Yes, the logs will be available in the storage vault till you delete them manually and there is no retention period, so you'll need to manage retention policies yourself if you have specific requirements.

    Answer to your question 3: LA workspace offers more advanced analytics compared to storage logs in storage account. With LA, you can perform complex queries, create dashboards, set up alerts, and leverage other features provided by Azure Monitor. LA also integrates well with other Azure services, allowing for centralized monitoring and analysis of logs from multiple sources. Additionally, LA provides built-in retention policies, so you can define how long logs should be retained before they are automatically deleted, helping you to manage storage costs and comply with data retention policies.

    Thank you.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have an extra question about the answer, please click "Comment".


0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.