As per OMS portal Azure Custom logs are in preview mode. I am not able to find any link, providing an expected date of general availability. Can neone help me with that ??
Also I am not able to find any link providing information on how to activate custom logs for a virtual machine scale set ? Other than log analytics? is there is any way to capture custom logs ??
Currently, Custom Logs is in preview, you need enable it on OMS Portal firstly.
More information about this you could check this question.
If you want to collect log from VMSS, you need install oms agent on it. You could use CLI to do this, for Linux:
az vmss extension set --name OmsAgentForLinux --publisher Microsoft.EnterpriseCloud.Monitoring --resource-group <nameOfResourceGroup> --vmss-name <nameOfNodeType> --settings "{'workspaceId':'<OMSworkspaceId>'}" --protected-settings "{'workspaceKey':'<OMSworkspaceKey>'}"
For Windows:
az vmss extension set --name MicrosoftMonitoringAgent --publisher Microsoft.EnterpriseCloud.Monitoring --resource-group <nameOfResourceGroup> --vmss-name <nameOfNodeType> --settings "{'workspaceId':'<OMSworkspaceId>'}" --protected-settings "{'workspaceKey':'<OMSworkspaceKey>'}"
More information about Custom logs in Log Analytics you could check this official document.
Related
Does anyone know how to configure the selected public network for a Batch Account?
I only found this article that explains how to do it from the Azure Portal: https://learn.microsoft.com/en-us/azure/batch/public-network-access?WT.mc_id=Portal-Microsoft_Azure_Batch
The Azure CLI documentation has a --public-network-access {Disabled, Enabled}, but how can one set an IP range as described in the link above through the command line?
Likewise we do have Az CLI command for IP Network rule configuration in Azure Storage Account and Key Vault Unfortunately we don't have az cli command to configure IP network rules for Azure Batch acount.
I have checked in the Azure Batch CLI commands doc. The only thing I found was batch account creation with public network access disabled/enabled command:
az batch account create --location westus2 --name testaccount --resource-group v-rXXXXXXdtree --public-network-access Enabled
I am trying to get list of web apps using az cli az webapp list. And when I try to get the diagnostic setting for the particular web app using az monitor diagnostic-settings list --resource-group nameRG --resource id. I dont get any information and logs and diagnostic settings are enabled for app services. I am not sure what i am doing wrong.
I am just trying to get the list of diagnostic settings for a resource. If you know better way please mention it.
Thanks
Usage:
az monitor diagnostic-settings list --resource Name --resource-group RGName --resource-type Microsoft.Web/sites
Or:
az monitor diagnostic-settings list --resource ID
Make sure the resource id correct like this format:
/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}
You could get the resource id by this command:
az webapp show --name MyWebapp --resource-group MyResourceGroup
I'm trying to use the Azure CLI to update the Incoming Client Certificate option under Web App > Configuration > General Settings > Incoming Client Certificates to use the value Allow.
Currently I can only set the value to true/false which correlates to Require/Ignore.
az webapp update --set clientCertEnabled=true--name MyWebApp --resource-group MyRsGrp
I haven't been able to find anything in the reference documentation.
https://learn.microsoft.com/en-us/cli/azure/webapp?view=azure-cli-latest#az_webapp_update
Does anyone have a nifty way to configure this setting? Thanks!
To set it to Allow, there are two properties need to be set, clientCertEnabled and clientCertMode, clientCertMode is not available in command az webapp update, you need to use az resource update.
Just use the command below, it works for me.
az resource update --name <webapp-name> --resource-group <group-name> --namespace Microsoft.Web --resource-type sites --set properties.clientCertEnabled=true properties.clientCertMode=Optional
I haven't found a command line switch for enabling diagnostic settings when creating a VM with the Azure CLI.
I know it works in the portal, but likely this is a separate step in the deployment template.
However, there is a new command line switch for enabling log analytics workspace immediately (Preview).
az vm create cli does not provide the arguments about diagnostic settings, so I am afraid that we cannot enable diagnostic settings when creating an azure vm.
As workaround, you can try to enable the diagnostics settings using Azure CLI by following this document.
az vm diagnostics set --settings
[--ids]
[--no-auto-upgrade {false, true}]
[--protected-settings]
[--resource-group]
[--subscription]
[--version]
[--vm-name]
Here is a case on github you can refer to .
I wonder if there is a way to use AZ CLI to see all available configuration options for a specific Azure service.
The purpose is to be able to secure that we have configured everything correctly. And to be able to question why certain configuration options has not been configured properly.
You could use az resource show command, in general, you can find the Resource ID in your resource in the portal -> Properties(not exclude some properties of some specific resources cannot be modified, it depends on the specific case).
az resource show --ids <Resource ID of your azure resource>
For example, you could use the command for a web app, the properties are all returned.
az resource show --ids /subscriptions/<subscription-id>/resourceGroups/<grouo-name>/providers/Microsoft.Web/sites/joywebapp1
Besides, if you want to set the properties, you could use az resource update, sample as below.
az resource update --ids $id --set properties.connectionType=Proxy
I am not sure if you want to see all the configuration options for a particular command. Azure CLI has something named Interactive mode which let you to see the available commands and options.