The Azure Monitor Logs feature of Azure Monitor collects, stores, and organizes log and performance data from monitored resources. In this lab, you will enable diagnostic settings on a storage account to send Blob storage logs to a Log Analytics workspace. You will also use Azure Monitor Logs to query for anonymous access to blobs and create an Azure Monitor alert to notify you when anonymous access to a storage account is logged.
Successfully complete this lab by achieving the following learning objectives:
- Configure Diagnostic Settings
Configure diagnostic settings on the storage account to send Blob service logs to the Log Analytics workspace.
- Perform Anonymous Access
IMPORTANT: Do not upload a file that contains confidential or private information.
Upload a test file to the
datacontainer and access the file anonymously.
- Use Azure Monitor Logs to Query Logs
Write a query using Azure Monitor Log Analytics to determine if anonymous access has been recorded against the storage account:
StorageBlobLogs | where AuthenticationType == 'Anonymous'
- Create an Azure Monitor Alert
Use Azure Monitor alerts to create an alert for anonymous access.
- View Azure Monitor Alerts
- Access the test file anonymously again.
- View the alert in Azure Monitor.