Azure Monitor

Rahul Nair 86 Reputation points
2022-01-20T21:34:58.91+00:00

Hello, I do the Azure CSPM integration for my company. I came across a few checks for which I have to write the code.

  • Ensures Load Balancers Log Analytics logs are being properly delivered to Azure Monitor
  • Ensures Key Vault Log Analytics logs are being properly delivered to Azure Monitor
  • Ensures Network Security Group logs are sent to the Log Analytics workspace
  • Ensures the Log Profile is configured to export all activities from the control and management planes in all active locations
  • Ensures that Log Profiles have a long retention policy.
  • Ensure that Azure Monitor Logs are enabled for all logging categories and being archived in a Storage Account.

How do I enable these in the Azure Portal? Also, since it's all sent to the Monitor, what is the endpoint to retrieve the JSON data of the monitor after enabling these? I know it might be a lot, but please help me out.


Accepted answer
  1. Stanislav Zhelyazkov 21,101 Reputation points MVP
    2022-01-21T08:17:00.393+00:00

    Hi,
    All these refer to enabling Diagnostic settings on the mentioned resources and sending them to a Log Analytics workspace. Diagnostic settings can be configured to send logs to a Storage account as well, which is probably the last requirement. There is also the ability to export logs from Log Analytics to a storage account, but it has certain limitations that you should be aware of. Most notably, not all tables in Log Analytics are supported.

    This item, "Ensures the Log Profile is configured to export all activities from the control and management planes in all active locations", probably refers to sending Azure Activity logs to Log Analytics, which is basically configuring diagnostic settings on the subscription(s).

    You can also use Azure Policy to enforce these settings. There are built-in policy definitions available; just search for diagnostic settings or Log Analytics and you will see the different policies available.

    Retention for placing the logs on a Storage account is configured when you set the diagnostic settings. Retention for Log Analytics is configured either on workspace level or on table level. The requirements are a little vague and very general, so you will have to do some reading on the docs mentioned.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

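One way to script the diagnostic-settings checks discussed in the answer, as an added example that is not part of the original thread. It assumes the JSON shape returned by the Azure Monitor REST API's diagnostic settings list operation; the sample response, the placeholder IDs and the function names `enabled_categories` and `evaluate` are constructed for illustration, and the caller supplies the resource's full category list.

```python
import json

# Constructed sample shaped like the body returned by
# GET https://management.azure.com/{resourceId}/providers/Microsoft.Insights/diagnosticSettings?api-version=2021-05-01-preview
# Subscription and workspace names are placeholders, not real identifiers.
SAMPLE_RESPONSE = json.loads("""
{"value": [
  {"name": "to-workspace",
   "properties": {
     "workspaceId": "/subscriptions/<sub-id>/resourceGroups/rg/providers/Microsoft.OperationalInsights/workspaces/<workspace>",
     "logs": [
       {"category": "AuditEvent", "enabled": true},
       {"category": "AzurePolicyEvaluationDetails", "enabled": false}
     ]}}
]}
""")


def enabled_categories(setting, all_categories):
    """Return the log categories that one diagnostic setting actually turns on."""
    enabled = set()
    for entry in setting.get("properties", {}).get("logs", []):
        if not entry.get("enabled"):
            continue  # a listed but disabled category delivers nothing
        if entry.get("categoryGroup") == "allLogs":
            enabled |= set(all_categories)
        elif entry.get("category"):
            enabled.add(entry["category"])
    return enabled


def evaluate(response, all_categories):
    """Check workspace delivery, storage archival and category coverage."""
    to_workspace, to_storage = set(), set()
    for setting in response.get("value", []):
        props = setting.get("properties", {})
        cats = enabled_categories(setting, all_categories)
        if props.get("workspaceId"):
            to_workspace |= cats
        if props.get("storageAccountId"):
            to_storage |= cats
    required = set(all_categories)
    return {
        "logs_sent_to_log_analytics": bool(to_workspace),
        "missing_in_log_analytics": sorted(required - to_workspace),
        "missing_in_storage_archive": sorted(required - to_storage),
        "compliant": required <= to_workspace and required <= to_storage,
    }
```

Category groups other than `allLogs` are not expanded here, because resolving them needs the per-resource category metadata.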
