Find activity logs sent to a log analytics workspace via a diagnostic setting

Khushika Shringi 20 Reputation points Microsoft Intern
2024-06-01T04:19:20.5866667+00:00

I am trying to export the activity logs of an HDInsight cluster, to a log anaytics workspace via a diagnostic setting. But I am unable to find the exported logs. I tried using the following query:
search *
| where TimeGenerated == "z"

How to find these activity logs?

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,331 questions
Azure HDInsight
Azure HDInsight
An Azure managed cluster service for open-source analytics.
214 questions
0 comments No comments
{count} votes

Accepted answer
  1. Monalla-MSFT 13,031 Reputation points
    2024-06-03T02:44:20.7866667+00:00

    @Khushika Shringi - Welcome to Microsoft Q&A and thanks for reaching out to us.

    The query you used, search * | where TimeGenerated == "z", will not return any results because it is filtering for events that occurred at a specific time, which is not likely to match any events in your logs.

    To search for the exported activity logs of your HDInsight cluster, you can use the following query:

    AzureActivity | where ResourceProvider == "MICROSOFT.HDINSIGHT"
    

    This query searches for all activity logs related to HDInsight clusters.

    Please try the above and see if it helps.

    Hope this helps. and please feel free to reach out if you have any further questions.


    Please don't forget to "Accept as Answer" and click "Yes" if the above response is helpful, so it can be beneficial to the community.

    1 person found this answer helpful.
    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.