Azure resources Audit details? - PhpOut

AshwaniKumar
May 27, 2022
256 views
1 vote
2 Answers

Is it possible to validate or check who has created/deleted resources apart from the azure resources group Audit log or deployment group?

As per my understanding system will hold an audit log for not more than 3 months.

And what in case someone deletes a resources group.. how to track who has deleted etc.

Appreciate your input/guidance or the best approach to capture such details.

Tags: azure azure-devops graph-explorer

Answers

- PeterBons
- May 27, 2022 at 9:53 am
- 0 votes
0
All activities, including de deletion of resource groups, are recorded in the Activity Log. It logs also the caller (username of the user that initiated the operation):

As per my understanding system will hold an audit log for not more than 3 months.

You can setup a continuous export of the Activity Log to for example a storage account or a Log Analytics Workspace. The retention for a Log Analytics Workspace can be set to a maximum of 730 days.

If you route the logs to a storage account you can have unlimited storage retention.

Login or Signup to reply.

- SaiSakethGuduru
- May 27, 2022 at 11:40 am
- 0 votes
0
- *As far as I know and as per the document, we don’t have any way other than Azure Activity logs to find out the information related to activities done.
- And as you already know we have 90days of retention time but if you want to get longer retention time you can create diagnostic setting and route to different locations.
- Here is the Document which will help you in creating diagnostic settings. *
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.