Forum Discussion
Log analytics data/intune logs from other tenants
Have you looked at https://techcommunity.microsoft.com/t5/device-management-in-microsoft/microsoft-intune-and-azure-log-analytics/ba-p/463145
AzureActivity
| summarize count() by TenantId , _ResourceId, ResourceId
Many tables have the TenantId and resourceID columns, I don't have any example intune ones to look at.
CliveWatson not sure how this can help me tho, as i cant forward intune logs to our tenants log analytics workspace, in the diagnostic settings i am only able to select a workspace within the customers tenant. i would need to be able to pull compliance data from another tenant, in to our workspace or query the data from our tenants workbook
The use of tenant isn't clear to me.
1. Do you have just a single central workspace?
2. Does each client have their own workspace:
- Are these in the same Subscription as you?
- Are these in another Azure Active Directory? If so do you know about Azure Lighthouse?
A Workbook can get data from any Subscription you have access to, and any you have access to via Lighthouse (if they are in a separate AAD / tenant).
https://docs.microsoft.com/en-gb/azure/lighthouse/concepts/azure-delegated-resource-managementAre you Tenant A in this diagram, talking to Tenant B & C? https://docs.microsoft.com/en-gb/azure/lighthouse/concepts/enterprise#tenant-management-architecture
CliveWatson Yes i would be in tenant A in this case, my user can access/manage their intune blade, but only global admin for each tenant has a subsription, there is no log analytics workspace in any of the customers tenants. I have too look into "delegate resources management"
