Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

RBAC on LogAnalytics

Copper Contributor

is it possible to fine grain a control a user has over different data within log analytics

example: Company A - is ingesting data to Log analytics 1

                Company B- is ingesting data to Log analytics 1

i would like that each company will see its own data and not of each other.

company A cant see B and vice versa. keep in mind that the data is all stored on the same log Analytics and may be stores in the same table for both companys. 

is RBAC over the data possible using Tags?

3 Replies

@omrip It is not possible if they are storing information into the same table but if they use different tables then it is completely possible. 

 

This article has a lot of information regarding it:  https://techcommunity.microsoft.com/t5/Azure-Sentinel/Table-Level-RBAC-In-Azure-Sentinel/ba-p/965043

@Gary Bushey 

is it possible to tag data per Entity on ingest? 

do you have some mechanism of views (MSSQL like) in LA? that we could filter data by Tag on the where clause?

 

 

 

@Eran Alshech 

 

1) is it possible to tag data per Entity on ingest

  You have no control over the data as it comes in unless you are writing to a custom log

 

2) do you have some mechanism of views (MSSQL like) in LA? that we could filter data by Tag on the where clause?

  Not that I can see.  I fail to see any data that allows tags to be added