Forum Discussion
Separating Logs for RBAC
MicrosoftSimonR Do you also have the standard Log Analytics agent installed on the on prem VM, or just Azure Arc for servers?
"This agent does not deliver any other functionality, and it doesn't replace the Azure Log Analytics agent. The Log Analytics agent for Windows and Linux is required when you want to proactively monitor the OS and workloads running on the machine, manage it using Automation runbooks or solutions like Update Management, or use other Azure services like Azure Security Center."
https://docs.microsoft.com/en-us/azure/azure-arc/servers/overview#supported-scenarios
SoniaCuff I have both the LA agent and the Arc agent installed on both a Windows and Linux box. I've created resource groups to control access to the logs for these servers. When I try and select a scope in Monitor the resource groups do not appear in the selection list, although others do. Each resource group currently only contains the server with the LA and ARC agents on and my (possibly incorrect) assumption what that would allow me to create a boundary for access to the logs each VM is forwarding rather than have everything exposed to the user.