I am an admin of a subscription along with some other people.
In Azure is it possible to create Alerts(using Activity Logs) on my Subscription to Notify me if someone adds/modifies or deletes any resource.
I know that i can add alerts on individual resources, but i want to add an alert at the subscription level.
Yes, you can select a resource, resource group, or an entire subscription for activity log signal
We could create the alert with Azure portal and set Alert Target subscription.
For more information, please refer to Create, view, and manage activity log alerts using Azure Monitor.
Related
I have a question around Azure AD user deletion.
We currently have internal application in which we store employee information using their email id.
When an employee leaves the company their Azure AD account gets deleted by the admin team. But, we are not informed of this deletion.
We are trying to figure out if there an event or trigger in Azure AD, that we can hook into, when a user is deleted or their details are modified.
Has anyone had this issue, and found a way around it?
Help much appreciated.
As mentioned by # Noahstahi deletion are tracked in the azure ad Audit logs
you can route the logs to:
.An Azure storage account.
An Azure event hub, so you can integrate with your Splunk and Sumologic instances.
Azure Log Analytics workspace, wherein you can analyze the data, create dashboard and alert on specific events
or else we can create a Webhook for receiving "Delete" notifications when a user is deleted from Azure AD.
Set up notifications for changes in user data
Reference SO Thread for using Webhook
Is there a way to send a notification when a server gets destroyed in Azure ? I need this to be at the subscription level and not at the server or resource group level.
Thanks !
You have an Azure Activity log at the subscription level. There is a log category Delete. You can create alert log based on it.
I want to get the monthly billing invoice of my Azure Resource Group usage sent to my mail instead of downloading it manually from the portal.
This can be possible at subscription level but can this be achieved at Resource group level?
Any ideas please?
You can opt for this option,
To opt in, select your subscription from the Subscriptions blade. You have to opt in for each subscription you own. Select Send my invoice (you might not see this if you're not the account admin), and then select Opt In.
However the bill wont be at the resource group level details
After a lot of research and help from Stack Overflow, I was able to achieve the requirement as mentioned in the question.
You have two options:-
Use the Schedule Export feature in Azure Cost Management.
Use the Azure Cost Management API to create export.
Once you've added scheduled the export, your invoice will be stored in your storage account. (You will need to add the storage account details in the export configuration)
I have used an Azure logic app to pick up the invoice file contents from my storage account and then send it via mail.
Check my post for further clarification -->
Dynamically send blobs from azure storage account to email using azure logic apps
Say I have a https end point that can serve as a webhook url for azure event grid that I can provide in the Azure template. But that endpoint has not been validated yet. I also have an azure template that I wish for a tenant/customer to deploy. What is the way for me to receive an event that deployment of the template has finished successfully?
You may leverage Azure Monitor's capability to view activity logs to monitor actions on resources. More specifically, you'll be interested in events from the Deployments resource (Microsoft.Resources/deployments).
From there you may create an alert rule + action group that will push the event to a webhook of your choice. You may also scope your alerting to a single resource group or a whole subscription. See Create an alert rule and Create and manage action groups in the Azure portal.
In my company we have one Azure subscription and there are two or three users which are added on the same subscription and have right to create any resource on Azure.
Now since three users are working on same subscription and they are independently creating resources, I want to keep track or see which user created what resource on the same subscription.
Please let me know is there any way to see this tracking/activity details corresponding to the user.
Currently all users have administrator role/permission.
You are looking for the Activity Log:
The Azure Activity Log is a log that provides insight into the
operations that were performed on resources in your subscription
The Activity Logs provides customers a Portal and REST API experience to see who performed what management operations (PUT/DELET/POST) through Azure Resource Manager (ARM) for the past 90 days.
For anything older than 90 days, you have the option to archive the data to storage account or stream the data to Event Hub if you would like to ingest this data into your own system.
The Activity Log data is also available through the Operations Management Suite.
http://www.deployazure.com/management/operations-management-suite/azure-activity-log-analytics-alerts-with-operations-management-suite/