'where' operator: Failed to resolve table or column expression named 'SecurityEvent'

Carlton Patterson · ‎Sep 04 2018

Hello Community,

I originally submitted this question here asking for help with this matter.

I chap called Travis mentioned I could find the answer from the following link:

However, the link appears to be broken.

Travis, if you pick this up, you're help will be greatly appreciated in providing an alternative link to your video solution.

Otherwise, any help resolving this issue will be greatly appreciated.

Cheers

Carlton

Stanislav Zhelyazkov · ‎Sep 04 2018

In case Travis does not answer here is some guidance. The Security & Audit solution is no longer standalone solution. It is part of Azure Security Center (ASC). To use ASC and that solution you need to be on the Standard SKU for ASC. The doc for upgrading to Standard tier is here: https://docs.microsoft.com/en-us/azure/security-center/security-center-onboarding You will also need to upgrade the SKU of the Log Analytics workspace as well. Informaiton on the same link. Additionally to the same workspace you will deploy the Security & Audit solution from the marketplace: https://azuremarketplace.microsoft.com/en-au/marketplace/apps/Microsoft.SecurityOMS?tab=Overview Below blog post will also help you understand how to setup the event logging level for secrutiy events: https://cloudadministrator.net/2018/01/16/tips-and-tricks-of-setting-up-azure-security-center/ More documentation on setting up and what events are gathered with the different levels: https://docs.microsoft.com/en-us/azure/security-center/security-center-enable-data-collection

Products (50)