Forum Discussion
Log Analytics into Azure Lighthouse
I had a look at the community pages, but can't find a section specific to Lighthouse, so pardon me for posting here. If there is a dedicated space, I would appreciate a link.
I have an issue pulling customer log information from Log Analytics into our Lighthouse tenant.
I have a group that gets assigned Contributor rights to the customer environment at subscription level. I am able to browse all resources, and I have verified that I can create resources. However, when I access the Log Analytics workspace(s), I am unable to run any queries (or query any VM performance data through Azure Monitor), and it's as if it just hangs there trying to retrieve the log data. Attached is a snip of what I see.
Logging in to the customer tenant directly with Owner permissions I am able to successfully query the logs and view VM performance data.
Please advise if there are any specific considerations in terms of permissions. I assumed Contributor role at subscription level would have sufficed.
Thanks
Sebastiaan
SebastiaanR I never even thought of a scenario where the managing tenant wouldn't have a subscription! Add even an Azure Free Account sub to it and see if that works.
Apply "Log Analytics Reader" role. "Contributor" rights will not give access to read/query logs.
Hope this helps!
-Azeem
Thanks for the guidance.
I've changed this, and I now get the LA Reader role assigned (at subscription level). Whenever I run any query, I still get the following error:
ERROR RETRIEVING DATARegister resource provider 'Microsoft.Insights' for this subscription to enable this query If issue persists, please open a support ticket.Request id:I've confirmed that the provider is registered against the subscription.When running this same query when logged in directly to the subscription, I get a successful result.This is the case with multiple subscriptions, which leads me to believe it is either still a permission issue. Especially considering the following alert I get via e-mail:
{"statusCode":"Unauthorized","serviceRequestId":null,"statusMessage":"{\"error\":{\"code\":\"AuthorizationRequiredError\",\"message\":\"Valid authentication was not provided\"}}","eventCategory":"Administrative"}- SoniaCuff
Microsoft
SebastiaanR Did you get a resolution for this?
I've mirrored your scenario by setting up my provider with ONLY log analytics reader access to a test customer subscription, and I can successfully query log analytics (via Lighthouse delegation) with no errors. This suggests it's something specific to your provider tenant, which would require a support ticket for Microsoft to investigate.
-Sonia
