Queries for the CHSMManagementAuditLogs table

Article
02/20/2024

Aggregate operations query

List logs for specific HSM partition operations.

CHSMManagementAuditLogs
| where OperationName == "END_MARKER_OPCODE (0xffff)/SPECIAL (0xffff)" 
| where OperationName == "CN_GENERATE_KEY_PAIR (0x19)/CN_MGMT_CMD (0x0)"
| sort by TimeGenerated desc 
| limit 100

Failed operations count

Count of failed HSM partition operations requests by userId, operationName and opCode.

CHSMManagementAuditLogs
| where not(Response contains "FAIL")
| summarize count() by TimeGenerated, UserId, OperationName, Opcode

Operations per user

Count of total HSM partition operations performed per user.

CHSMManagementAuditLogs
| summarize count() by UserId

Feedback

Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.

Submit and view feedback for

This product This page

View all page feedback