We are trying to create some alert rules based on the Log Analytics AzureActivity data for all of our subscriptions from a central place, but it seems that not all Activity Log events get forwarded to Log Analytics. We miss almost everything except the "Administrative" category of the Activity Logs.
Is this the expected behavior or are I missing something? How can we create cross subscription alert rules for these categories of the activity logs from an central place? I realy dont want to create duplicate alert rules for Activity Log events for each of our subscriptions.