I am a newie to Azure log analytics and dashboards.
We are looking to build a dashboard with log analytics query in Azure. We need to show different views to people based on the user logged in to Azure. For this we need to get the current logged in user so that we can pass this as a variable in the query. How can I achieve this.
I searched for this in the help documents. But nowhere there is a mention on how to get the logged-in user
I guess this is what you're looking for:
https://powerbi.microsoft.com/fr-fr/blog/azure-active-directory-meets-power-bi/
Power BI + Azure AD integration. In case you need, you can extend and create your own queries to retrieve more information from other data sources (e.g Azure Monitor)
Related
I created Audit Trail in my database by overriding EF Core SaveChanges and SaveChangesAsync methods and storing if entity was Added, Removed, Edited, what columns where edited and what user did it.
However, I became aware of Azure Monitor, but I cannot find information is it possible to track changes made to records stored in selected errors using Azure Monitor instead of what I've done?
if entity was Added, Removed, Edited,what columns where edited and what user did it. is it possible to
track changes made to records stored in selected errors using Azure
Monitor instead of what I’ve done?
Yes, You can make use of audit logs to get the logs of commands executed in your Azure SQL on Inserting, Selecting, and Creating the data. You can make use of Azure Monitor Performance management and SQL Insights to get information and logs on the Top queries and errors on the query execution by the user. You can send your Azure SQL Logs to the Log Analytics workspace and query the details.
Audit Logs:-
Enable Audit Logs for your Azure SQL server like below and send the data to Log Analytics, You can also store the data in your Storage account. :-
Enable Azure SQL Server level logging:-
Enable Azure SQL DB level logging for Database events:-
This will create one Log analytics solution for the SQL audit logs in the selected LA workspace and you can find your Azure SQL DB records and logs below :-
Solution :-
You can also find the Top executed queries and error codes if the queries failed here in the Performance overview:-
Click on the Top executed query details row and you will find additional details on the query like below :-
You can send Azure SQL Logs via diagnostics settings too and send it to Log Analytics Workspace:-
If you’re connected to SSMS, you can import your audit logs to SSMS by storing the audit logs in your storage account first and then importing it like below :-
there are few users added in Databricks who are able to run notebooks, clusters etc. How do I find when those users were created?
This information isn't exposed through SCIM Users API, so the only way to find it is to look into diagnostic logs if it was enabled before users were created, and logs aren't older than retention time in the Log Analytics.
We have a Log Analytics workspace 'XYZ' in one subscription where all azure services logs are being sent to, from all other subscriptions as well.
We have our Data Factory Solution in another subscription where one user has Owner access. Its logs are also being stored in 'XYZ'.
The challenge we are facing is, this user wants to access Data Factory logs but we can't give it as the Log Analytics workspace contains logs from other services as well such as backup.
Is there a way to grant this user access only on Data Factory logs?
You can grant users and groups only the amount of access they need to work with monitoring data in a workspace by using role-based access control(RBAC). More detail, you can refer to this documentation.
I want to view logs in azure, I mean logs that I have in the console in localhost where I can find them in web site deployed in azure? I am consuming an external API and I want to see what I send and what I received from the prod env
thank you
There are couple of ways to track logs in Azure
Azure API Management
Azure Monitor
Azure API Management helps you track all kinds of requests including
View activity logs
View resource logs
View metrics of your API
Set up an alert rule when your API gets unauthorized calls
Azure Monitor on the other hand helps it possible to programmatically retrieve the available default metric definitions, granularity, and metric values.
The data can be saved in a separate data store such as Azure SQL Database, Azure Cosmos DB, or Azure Data Lake. From there additional analysis can be performed as needed.
I'm trying to determine whether Azure SQL Reporting can be used to provide reporting on an application we're hosting in Azure with an Azure SQL database back-end.
Ideally we'd like to be able to offer users the ability to create their own reports. To do this, we need to expose to them the subset of the data which applies to the organisation they're associated with.
Users identities come from federated providers via Azure ACS.
What can I do to customise the data exposed and offer only the subset a user is allowed to access?
I don't think this is something you can implement in Reporting Services.
I have had similar situations using standard Windows users and we created views on the tables that joined to some mapping table (e.g. company and user) and used SUSER_SNAME() to return the current user login name. Users only had permissions to access the data via the views and their login name acted as a filter on the rows.