How can I get a report of who created resources in Azure Analytics?

Lou Pereira 11 Reputation points
2022-03-04T14:40:28.227+00:00

Hello,
I'm trying to get reports of who creates resources in Azure, for example, I have analytic workspaces created but would like to see who created?

Azure Stream Analytics
Azure Stream Analytics
An Azure real-time analytics service designed for mission-critical workloads.
330 questions

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Espen Fossheim 46 Reputation points
    2022-11-21T14:12:46.397+00:00

    I can't see how any of the above proposals can answer, after the fact, who actually created a resource. Something that is essential for any cloud and service.

    Is there not any other way to figure out which identity who created a resource? It not, I think this is a big discrepancy in Azure regarding transparency and verifiability.
    How on earth can one figure out e.g. if a service principal or a user account astray is not used to create non approved artifacts?

    9 people found this answer helpful.
    0 comments
  2. PRADEEPCHEEKATLA-MSFT 76,511 Reputation points Microsoft Employee
    2022-03-07T04:29:39.367+00:00

    Hello @Lou Pereira ,

    Thanks for the question and using MS Q&A platform.

    Option1: Activity Log

    The Activity log is a platform log in Azure that provides insight into subscription-level events.

    Every action you make in Azure (regardless of who you did it, Portal, API, CLI) is audited and registered in Azure Activity Log.
    Activity Log events does include information about the user who initiated the request.

    Limitation: Activity Log has a fixed retention period of 90 days

    To view the Activity Log, open Azure Monitor, and click on Activity Log in the menu.
    Filter by the Resource Group and Resource you want to investigate, and set the date range to the last 90 days.

    180532-image.png

    Option2: Send to Log Analytics workspace

    The Activity Log is limited to last 90 days, but we can continuously export the log into an infinite Log Analytics workspaces account.

    First you need create a Log Analytics account, and then configure Azure to forward all activity logs to the Log Analytics account. This is an easy integration: Log Analytics workspaces

    Option3: Automatic tagging

    If you need the ownership data more accessible, another approach will be to capture this information in tags that are easily accessible for every resource.

    You apply tags to your Azure resources, resource groups, and subscriptions to logically organize them into a taxonomy. Each tag consists of a name and a value pair. For example, you can apply the name Environment and the value Production to all the resources in production.

    For recommendations on how to implement a tagging strategy, see Resource naming and tagging decision guide.

    Hope this will help. Please let us know if any further queries.

    ------------------------------

    • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
    • Want a reminder to come back and check responses? Here is how to subscribe to a notification
    • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators
    4 people found this answer helpful.
  3. Sander van de Velde 28,161 Reputation points MVP
    2022-03-06T12:18:26.97+00:00

    Hello @

    Azure Log Analytics are created just like any other Azure resource.

    To identify the creator of an Azure resource, use tags. Tags give you the ability to add context to a resource.
    Tags can also be used to identify azure resource costs by tag.

    You use Azure Policy to enforce tagging rules and conventions.

    In the Azure portal, you can start easily using these predefined tasks:

    180636-image.png

    2 people found this answer helpful.
    0 comments