This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 89%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
Hello Team,
I'm looking way to Monitor Azure VM Sign-in logs. I need to set an alert if any user try to RDP into Azure VM it should get fired with his name with Computer name,Date and Time.
The SecurityEvent command is not working in Azure Monitor Log analytics Workspace. Also, I found Azure Monitor is not integrated with security Events.
Anyone knows other way to get alert if RDP users Successful sign-in. The below is predefined Query in Log Analytics workspace but it wont work on Azure VM.
SecurityEvent
| where EventID == 4624
| summarize arg_max(TimeGenerated) by Computer
I have answered a similar query before and you may follow the same to achieve the requirement indicated in this question.
is-it-possible-to-create-an-alert-when-someone-log-in
----------
--please don't forget to upvote and Accept as answer if the reply is helpful--
This is an interesting approach :) +1 on that, but it requires to enable VM Insights with a dependency agent
@Manu Philip Hello, Excellent Procedure. But the "Vmconnection" table wont capture the end user information who tried to RDP into Azure VM