Hi Shivam Singh,
Good day,
Answer to your question 1: No, you will not be able to run KQL queries on key vault. But you can access the stored logs using various tools like Azure Monitor or Azure Storage Explorer.
Answer to your question 2: Yes, the logs will be available in the storage vault till you delete them manually and there is no retention period, so you'll need to manage retention policies yourself if you have specific requirements.
Answer to your question 3: LA workspace offers more advanced analytics compared to storage logs in storage account. With LA, you can perform complex queries, create dashboards, set up alerts, and leverage other features provided by Azure Monitor. LA also integrates well with other Azure services, allowing for centralized monitoring and analysis of logs from multiple sources. Additionally, LA provides built-in retention policies, so you can define how long logs should be retained before they are automatically deleted, helping you to manage storage costs and comply with data retention policies.
Thank you.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have an extra question about the answer, please click "Comment".