![]() On your Log Analytics Workspace select Access Control (IAM) => Add => Role = Reader and select your Azure AD App => save On the Log Analytics Workspace that we created earlier we need to link our Azure AD App so that it has permissions to read data from Log Analytics. Link Log Analytics Workspace to Azure AD Application Under Certificates and secrets for your Azure AD Application create a Client Secret and record the secret for use in your script. ![]() On your Azure AD Application select Add a permission => APIs my organization uses and type Log Analytics => select Log Analytics API => Application permissions => Data.Read => Add permissionsįinally select Grant admin consent (for your Subscription) and take note of the API URI for your Log Analytics API endpoint ( ) for me as shown below. I already had an Application I was using to query the Audit Logs so I added the Log Analytics to it. In order to access the Log Analytics Workspace via API we need to create an Azure AD Application and assign it permissions to the Log Analytics API. In the Azure Portal under Azure Active Directory => Monitoring => Diagnostic settings select + Add Diagnostic Setting and configure your Workspace to get the SignInLogs and AuditLogs. Next we need to get the logs into our Workspace. #Powershell json query free#New-AzOperationalInsightsWorkspace -ResourceGroupName $rgName -Name Azure-Active-Directory-Logs -Location $location -Sku free If you want it in a new Resource Group either create the RG through the portal or via the CLI using New-AzResourceGroup $rgName = 'MYLogAnalytics-REPORTING-RG' ![]() I created mine using the Azure Cloud Shell in the Azure Portal. ![]() We want to create a Workspace for our logs and queries. querying Log Analytics using the REST API with PowerShell.Once you’ve created the query however you may want to run that query through automation negating the need to use the Azure Portal every time you want to get the associated report data. It provides the ability to quickly create queries using KQL (Kusto Query Language). Log Analytics is a fantastic tool in the Azure Portal that provides the ability to query Azure Monitor events. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |