Blog Post

FastTrack for Azure

17 MIN READ

Generate Azure Policy Compliance Alerts By Sending Custom Data to Log Analytics - Part 1

Microsoft

Dec 02, 2022

Update: Part 2 of this Blog series is available, utilizing a more streamlined architecture, and provides automation code to deploy the whole solution. If you are interested in this solution, be sur...

Updated Sep 09, 2024

Version 13.0

Infra

DJBartles

Microsoft

Joined August 13, 2020

View Profile

FastTrack for Azure

Follow this blog board to get notified when there's new activity

nkrueger405

Copper Contributor

Jan 04, 2024

Seconding previous comments that this is lot of work to simply fire alerts for a policy. To anyone looking into the https://learn.microsoft.com/en-us/azure/azure-monitor/logs/ingest-logs-event-hub, currently in preview, linked in a few recent comments it is also pretty large number of steps. And much worse from my perspective is this pre-requisite of the official way to do this:

Your Log Analytics workspace needs to be https://learn.microsoft.com/en-us/azure/azure-monitor/logs/logs-dedicated-clusters#link-a-workspace-to-a-cluster or to have a https://learn.microsoft.com/en-us/azure/azure-monitor/logs/cost-logs#commitment-tiers.

The minimum commitment tier is 100 GB/day ($5,880/month in eastus2) and the cheapest dedicated cluster requires a 500 GB/day commit ($25,950/month in eastus2). So for any small operations or folks not using a lot of log analytics widely that solution is out of reach.