Azure Resource Logs
Collect Azure Resource logs and send them to Coralogix for seamless integration.
Overview
Resource logs [previously referred to as diagnostic logs] capture resource-specific audit information, providing insight into operations performed within an Azure resource. This is known as the data plane. Examples include a connection made to a PostgreSQL server or when a Blob is created, read, or deleted from a storage account. The contents of resource logs vary according to the Azure service and resource type.
This tutorial demonstrates how to collect Azure resource audit logs and submit them to Coralogix. To do so, you will need to configure your resource’s Diagnostic Settings and leverage our Event Hub integration for the collection and submission of those logs to the Coralogix platform.
Prerequisites
Azure account with an active subscription
EventHub Namespace [Note: If your EventHub has restricted public access you will need to enable VNet support using these optional configuration steps.]
Resource Audit Log Export
STEP 1. To configure resource audit logs, navigate to your desired resource.
STEP 2. Under Monitoring, click Diagnostic Settings.
STEP 3. Click + Add diagnostic setting.
STEP 4. In the Diagnostic Setting window, select the Audit category. Configure the Destination Details to submit entries to your existing Event Hub.
Notes:
Not all resource types have audit logs.
In this example, we’re looking at a PostgreSQL database.
Process Event Hub
Now that your resource audit log entries are being exported to your Event Hub, you’ll need to deploy the Azure Event Hub integration to collect and submit the messages to the Coralogix platform.
To do so, you can deploy via ARM template or Terraform:
Post Deployment
Restart the function after deployment.
Additional Resources
Documentation | Introduction to Microsoft Azure |
Support
Need help?
Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.
Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].