Feb 15 2022
11:26 AM
- last edited on
Apr 08 2022
10:59 AM
by
TechCommunityAP
Feb 15 2022
11:26 AM
- last edited on
Apr 08 2022
10:59 AM
by
TechCommunityAP
If have an Azure Security group: "Super Secret"
What is the Query to set an Alert in Azure monitoring, when a user was added or removed from that group?
Feb 21 2022 08:35 AM
Hello,
I assume this is regarding AAD security groups.
You can direct the AAD audit logs to Log Analytics workspace as explain here:
Then you can create log search alert rules to detect the specific activities you would like to monitor.
I hope this helps,
Yair Gil
Program Manager, Azure Monitor
Feb 21 2022 10:35 AM