There are lots of different types of logs generated in Azure, it’s very much confusing when you don’t know which logs to use for monitoring your resources and how to access them. Logs contain different kinds of data organized into records with different sets of properties for each type. Logs can contain numeric values like metrics but typically contain text data with detailed descriptions. They further differ from metrics in that they vary in their structure and are often not collected at regular intervals.
Types of logs generated in Azure
There are 20 different types of logs currently generated in Azure and there are different ways to access them. Please find the table to understand the different types of logs generated in Azure and their types, supported services and method of access.
As per Microsoft docs, please find the different sources of logs generated in Azure in this below table.
Table: Showing types of Azure Logs
Now let’s see one of the most important log which is the Activity Log.
What is Activity Log in Azure?
The Azure Activity Log is a subscription log that provides insight into subscription-level events that have occurred in Azure. This includes a range of data, from Azure Resource Manager operational data to updates on Service Health events. The Activity Log was previously known as “Audit Logs” or “Operational Logs,” since the Administrative category reports control-plane events for your subscriptions. Using the Activity Log, you can determine the ‘what, who, and when’ for any write operations (PUT, POST, DELETE) taken on the resources in your subscription. The Azure Activity Log is primarily for activities that occur in Azure Resource Manager. You can retrieve events from your Activity Log using the Azure portal, CLI, PowerShell cmdlets, and Azure Monitor REST API.
Here is a diagram from Microsoft which shows what you can do with Azure Activity Log.
From July 2018, activity alert experience can be triggered by Unified Alerting. A new unified alert experience that enables you to manage alerts from multiple subscriptions and introduces alert states and smart groups is currently available in public preview.
In my next post, I will write about the unified alert monitor in the Azure Portal with a detail use case. Azure monitoring is becoming so vast that you need enough time to become experts in the field of monitoring and alerting. I will publish all my findings in my blog which may help you to get some experience near future. In the new beta exam syllabus of AZ 300 also Microsoft has introduced a new chapter for analyzing resource utilization and consumption.
That’s all for today. You have a good day ahead.
Picture Credit: Pexels.com