Logging Azure CLI commands

Question

Logging Azure CLI commands

Andrew Ryan 1

Hello,

Is there anyway to log or view logs for Azure CLI commands that have been executed. For example if I use the CLI while in the portal and execute some commands is there somewhere that information is logged.

If not can CLI command logging be enabled somewhere?

Thanks.

Andrew

0 comments

1 answer

Your answer

Answer 1

David Broggy 6,801 MVP

Hi Andrew,
The AZ commands and Azure CLI are interpreters for the actual Azure resource calls.
As such what gets logged isn’t the actual command but the interpretation of such that performs the actual function in Azure.
So when you use the Azure CLI to make a change in Azure, that change should be logged and received by Sentinel using the Azure log data connector.
I’m not aware of anything that will provide you key logger level logging for the Azure cli.
Hope that helps.

Andrew Ryan 1 Reputation point

2022-07-25T12:26:52.993+00:00

Hi David,

Thanks for the response, I was of a similar opinion where I expected see operations performed on a specific resource in the Activity Log or ActivityLog Table. But we had a instance where we were interacting with a resource and the activity log did not show anything.

I assume this could be because the information held in the resource would be sensitive data and possibly viewing some activity is restricted to higher privileged users or MS directly.

Share via

Logging Azure CLI commands

1 answer

Your answer