Is there a way to send a notification when a server gets destroyed in Azure ? I need this to be at the subscription level and not at the server or resource group level.
Thanks !
You have an Azure Activity log at the subscription level. There is a log category Delete. You can create alert log based on it.
Related
I have a question around Azure AD user deletion.
We currently have internal application in which we store employee information using their email id.
When an employee leaves the company their Azure AD account gets deleted by the admin team. But, we are not informed of this deletion.
We are trying to figure out if there an event or trigger in Azure AD, that we can hook into, when a user is deleted or their details are modified.
Has anyone had this issue, and found a way around it?
Help much appreciated.
As mentioned by # Noahstahi deletion are tracked in the azure ad Audit logs
you can route the logs to:
.An Azure storage account.
An Azure event hub, so you can integrate with your Splunk and Sumologic instances.
Azure Log Analytics workspace, wherein you can analyze the data, create dashboard and alert on specific events
or else we can create a Webhook for receiving "Delete" notifications when a user is deleted from Azure AD.
Set up notifications for changes in user data
Reference SO Thread for using Webhook
Topic.
I want to setup an alert when someone on my team updates a configuration in a function app. I could not find this in the docs. Is this possible?
have a look at the Azure App Service as an Event Grid source
you can use an azure portal to subscribe for the eventType Microsoft.Web.AppUpdated and handle this event message in your properly subscriber, for instance: send the email, etc.
Azure Portal is down so can not provide more detailed answer right now. Will try to update it later.
You can "create log alert" if you're able to find a log message in Application Insights. You'll have to setup Function to send logs to Log Analytics.
Something like:
Go to your Function's logs (Logs at left bottom in Portal or your Log Analytics Workspace).
Find the right table that has Function App Activity events/logs.
Write appropriate query.
Click on Create Alert button above the query editor and follow steps.
If you've configured it to run say every 30 mins over last 30 min window, then Azure will just run that query on your logs every 30 minutes and if there are any hits (or not, depends on your alert configuration) it'll create an alert.
If the configuration of an AppService (or Function App) is changed, an event is created in the Activity Log.
You can send these logs to Log Analytics and create an alert based on the entries.
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log
Send the Activity log to a Log Analytics workspace to enable the features of Azure Monitor Logs which includes the following:
...
Use log alerts with Activity entries allowing for more complex alerting logic.
Say I have a https end point that can serve as a webhook url for azure event grid that I can provide in the Azure template. But that endpoint has not been validated yet. I also have an azure template that I wish for a tenant/customer to deploy. What is the way for me to receive an event that deployment of the template has finished successfully?
You may leverage Azure Monitor's capability to view activity logs to monitor actions on resources. More specifically, you'll be interested in events from the Deployments resource (Microsoft.Resources/deployments).
From there you may create an alert rule + action group that will push the event to a webhook of your choice. You may also scope your alerting to a single resource group or a whole subscription. See Create an alert rule and Create and manage action groups in the Azure portal.
I am an admin of a subscription along with some other people.
In Azure is it possible to create Alerts(using Activity Logs) on my Subscription to Notify me if someone adds/modifies or deletes any resource.
I know that i can add alerts on individual resources, but i want to add an alert at the subscription level.
Yes, you can select a resource, resource group, or an entire subscription for activity log signal
We could create the alert with Azure portal and set Alert Target subscription.
For more information, please refer to Create, view, and manage activity log alerts using Azure Monitor.
Actually I am working on an event based notification which will call a webhook/send an email in case a new resource gets added to my subscription. I could not find any Azure native service which will send me alerts/notification in case a new resource gets added to my subscription, but using powershell we can keep on polling on the resource list and workaround it, but if there is any native Azure service or function which can help me out, please inform.
You can use the azure activity log alerts to create a web hook/sms/email notification. This allows you to create a direct avenue straight from the Azure tooling. You can also use a variety of other methods to monitor your azure subscription including Log Analytics (event based logging, alerting and analytics) and App Insights (application logging and alerting)