I wanted to get all diagnostic settings from azure under my subscription. I want all either enable or disable. I am using the below API but it doesn't help as it required workflow and I don't have workflows.
https://learn.microsoft.com/en-us/rest/api/monitor/diagnosticsettings/list
I modified it and used the below it returns nothing. as on azure I have a total of 8 settings and 1 is enabled and others are disabled.
https://management.azure.com/subscriptions/{subscriptionId}/providers/microsoft.insights/diagnosticSettings?api-version=2017-05-01-preview
I don't think that you will be able to get the diagnostics settings for all the resources in your Azure Subscription in a single API call.
From the documentation link:
Gets the active diagnostic settings list for the specified resource.
The reason you're not getting any results back is because you're trying to get diagnostics settings for your subscription resource and AFAIK there are no diagnostics settings that can be defined at the subscription level.
What you would need to do is list down all the resources in your SUbscription and then for each resource you will need to get diagnostics settings separately.
Related
I am trying to enable Diagnostic Settings of subscriptions using a custom policy. But, the compliance report always shows 0/0; basically it is not identifying the subscriptions under a management group. To confirm this behavior, I created a custom policy, duplicating the BuiltIn policy "Enable Azure Security Center on your subscription". It is also showing 0/0. Is there any limitation to deploy something using a DeployIfNotExists policy at subscription level?
Azure Policy is capable of deploying resources at the Subscription level. Are you sure that your scope for the Policy Assignment is set at the parent Management group of your Subscriptions?
This should be what you are looking for. There are examples in this directory for creating diagnostic settings for Activity Logs on a Subscription that point to a Storage Account, Log Analytics Workspace, or an Eventhub. Below is a link for a deployIfNotExists policy that points to a Log Analytics Workspace.
https://github.com/Azure/Community-Policy/blob/master/Policies/Monitoring/deploy-diagnostic-setting-for-activity-log-log-analytics/azurepolicy.json
(all credit for this policy to the original author)
I am trying to create an azure resource manager template to provision storage accounts, and I want to enable diagnostics logging on creation.
Basically I am trying create a resource manager template to achieve the same result of them Cmdlet Set-AzureStorageServiceLoggingProperty so that the diagnostics logging is enabled on creation time, instead of enabling this manually every time a storage account is provisioned.
I came across this github thread in azure docs, it says that this feature is not supported yet, and it will be supported in the second half of calendar year 2019.
And the recommend way for automating this task is using powershell & c# commands.
Team,
I am using the CSP subscription. I need to create a cloud service within the azure portal. But it gave me an red line saying that the "subscription not allowed to register Microsoft.classiccompute".
Is this because its using the CSP subscription ? Is there any workaround ?
I tried to find the "provider to register" to my subscription but cannot be found in the list to register it.
How do we possibly include the provider to my subscription or is it that CSP subscription is not allowed to register?
Do I have to use a Non CSP subscription.? Please help
Azure CSP supports only the Azure Resource Manager model, the cloud service Microsoft.classiccompute is classic deployment model, you need to use another subscription, refer to this link.
For example, because Azure CSP supports only the Azure Resource Manager model, non-Azure Resource Manager services are not available in the program.
I need to assign publish permission to one of my developers so that he should be able to publish to only one cloud service & do not affect others.
Azure websites have these concepts called download publishing profile.
I could not find anything similar for cloud service. Can it be
achieved?
As you know Azure Management Portal does not have any role defined where we could map a user account login to manage a set of resources (say cloud service 1 & 2)
It is not possible as of today. It seems that it should be possible with Resource Groups and Role Based Access Control (RBAC) however currently cloud services can't be added in resource groups and assigned RBAC.
One way you could achieve this is have a custom application consuming Service Management API and implement your own RBAC in that application. However it is still a "hack" and not proper solution.
Why don't you try using "publish from source control"? When the developer checks in it will auto publish the code.
I believe the new portal will allow the creation of roles for publishing profiles; it already allows adding additional users to your organization; but to get what you want for now; publishing from source code should do the trick.
I want to monitor a cloud service in azure portal . When I go to the azure portal , I get the message as "LEVELThis setting is not currently available." under monitoring tab.
Then I learnt from the msdn that , right click on web role in visual studio and check the "enable diagnostics" checkbox.
Then I redeployed the application azure portal .
Still the monitoring option is not configurable. What could be the issue ? What am I missing here?
For Storage you can enable monitoring and logging from within the respective tabs within the Storage configuration pages of the portal.
Jason