Creates a new activity log profile. This profile is used to either archive the activity log to an Azure storage account or stream it to an Azure event hub in the same subscription.
The Add-AzLogProfile cmdlet creates a log profile.
Storage Account - Only standard storage account (premium storage account is not supported) is supported. It could either be of type ARM or Classic. If it's logged to a storage account, the cost of storing the activity log is billed at normal standard storage rates. There could be only one log profile per subscription consequentially only one storage account per subscription can be used to export activity log.
Event Hub - There could be only one log profile per subscription consequentially only one event hub per subscription can be used to export activity log. If activity log is streamed to an event hub, standard event hub pricing will apply.
In the activity log, events can pertain to a region or could be "Global". Global essentially means these events are region agnostics and are independent of region, in fact majority of events fall into this category. If the activity log profile is set from the portal, it implicitly adds "Global" along with any other region selected in the user interface. When using the cmdlet, the location as "Global" must be explicitly mentioned apart from any other region.
Note :- Failing to set "Global" in the locations will result in a majority of activity log not getting exported.
This cmdlet implements the ShouldProcess pattern, i.e. it might request confirmation from the user before actually creating, modifying, or removing the resource.
Examples
Example 1: Add a new log profile to export the activity log matching the location condition to a storage account
Specifies the retention policy, in days. This is the number of days the logs are preserved in the storage account specified. To retain the data forever set this to 0. If it's not specified, then it defaults to 0. Normal standard storage or event hub billing rates will apply for data retention.
Specifies the ID of the Storage account. ID is the fully qualified Resource ID of the storage account for example
/subscriptions/40gpe80s-9sb7-4f07-9042-b1b6a92ja9fk/resourceGroups/activitylogRG/providers/Microsoft.Storage/storageAccounts/activitylogstorageaccount
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable,
-InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable,
-ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see
about_CommonParameters.
The source for this content can be found on GitHub, where you can also create and review issues and pull requests. For more information, see our contributor guide.
