Forum Discussion
Log Analytics into Azure Lighthouse
SebastiaanR I never even thought of a scenario where the managing tenant wouldn't have a subscription! Add even an Azure Free Account sub to it and see if that works.
MicrosoftSebastiaanR Did you get a resolution for this?
I've mirrored your scenario by setting up my provider with ONLY log analytics reader access to a test customer subscription, and I can successfully query log analytics (via Lighthouse delegation) with no errors. This suggests it's something specific to your provider tenant, which would require a support ticket for Microsoft to investigate.
-Sonia
Hi SoniaCuff
Same error in my case. I gave Sentinel Contributor and Logs Analytics Reader (also tried w/ Contributor) access to the same PrincipalId through Lighthouse. I can see alerts/incidents but not perform queries or see tables from the managing tenant.
Managed tenant did enable Microsoft.Insights. Any idea on how to debug this?
- In case anyone else ran into the same issue: Microsoft.Insights needs to be applied on the managing tenant, not the managed one. This was confusing as the error message only mentions "this subscription" while you're accessing a managed one.
milkmix_ Thanks for this feedback. This, however, did not resolve my problem.
The tenant I am accessing the customer subscriptions from does not have its own subscription associated, and the registered providers are added at subscription level, so not entirely sure how to then go about that.
Is this perhaps something I am doing wrong? Do I need to have a subscription (albeit even an unused one) in the managing tenant for this to work?
- SoniaCuff
SebastiaanR I never even thought of a scenario where the managing tenant wouldn't have a subscription! Add even an Azure Free Account sub to it and see if that works.
