Forum Discussion
Log Analytics Workspace - Minimum Permissions to submit custom events?
Hi mindfulrants, as you mentioned workspace key, it means you're probably referring to the (now called) legacy HTTP Data Collector API, which has been deprecated and will be retired in 2026.
As you want to use an app registration, then I suggest that you use the new API, that's based in DCR\DCE: Logs Ingestion API in Azure Monitor - Azure Monitor | Microsoft Learn
Since the permissions are actually given at the DCR level, it does allow a deeper level of granularity, hence you can just use the 'Microsoft.Insights/Telemetry/Write' action:
Once you have everything setup, you can use the sample PowerShell code to get you started: Sample code to send data to Azure Monitor using Logs ingestion API - Azure Monitor | Microsoft Learn
Hope this helps!
MicrosoftHi mindfulrants, as you mentioned workspace key, it means you're probably referring to the (now called) legacy HTTP Data Collector API, which has been deprecated and will be retired in 2026.
As you want to use an app registration, then I suggest that you use the new API, that's based in DCR\DCE: Logs Ingestion API in Azure Monitor - Azure Monitor | Microsoft Learn
Since the permissions are actually given at the DCR level, it does allow a deeper level of granularity, hence you can just use the 'Microsoft.Insights/Telemetry/Write' action:
Once you have everything setup, you can use the sample PowerShell code to get you started: Sample code to send data to Azure Monitor using Logs ingestion API - Azure Monitor | Microsoft Learn
Hope this helps!
- Thanks, josecons this is actually very useful.
I dont want to have an app registration because there is a shared secret involved, rather i want to use a Managed Identity, in this particular case assigned to an Azure Arc Enabled Server.
