Jun 26 2022 12:52 PM
Jun 26 2022 12:52 PM
My first post with request for support.
I have one LAW responsible for collecting Azure activity logs from another 50+ subscriptions.
Under insights -> Health for LAW, For some of them I can see the following error :
Access to the subscription was lost. Ensure that the XXXXXXX subscription is in the XXXXXXXXXX Azure Active Directory tenant. If the subscription is transferred to another tenant, there is no impact to the services, but information for the tenant could take up to an hour to propagate. Subscription was deleted or insufficient permissions. Consider disabling Activity Logs collection from this subscription. Please view http://aka.ms/DisablingActivityLogsCollection for more info. (1)
Data Collection (Azure Activity Log Collection)
Access to the subscription was lost.
Tenant is a EA and I am owner in each of the subscriptions, as well the one with LAW.
Recently I found that there is something new, which I am now aware:
I can see banner at the top where I can read the following message:
"Collecting Activity Logs through Diagnostics Settings is the recommended way to integrate with Log Analytics."
So, I was wondering, should I now disconnect all subscriptions from this Azure Activity log blade under LAW? So I can stay only with the current settings done via https://docs.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log#send-to-log-analytics-w...
desired configuration for configuring the collection of Azure activity log which I configured under each subscription?
Or should I do another trick?
Another important information is that not all subscriptions are reported with this error: Access to the subscription was lost.
Actually one more question. What is the difference between connecting Azure Activity log from Log analytics workspace blade and from Subscription blade - Activity Log - Export Activity Log ???
@Stanislav Zhelyazkov - I know you are big expert into this, so please excuse me if the questions are too lame, I know you will step in :)
Jun 26 2022 11:34 PMSolution
Jun 27 2022 08:28 AM
Jun 28 2022 12:20 AM
@NCreminder Go to Subscription ->Activity log ->Export Activity log ->
and then configure such export setting:
You can also use Azure policies for easy onboarding of every new subscription.