Enumerating storage accounts to calculate Microsoft Defender for Storage plan for Storage Cost
Published Jan 13 2020 09:56 AM 5,339 Views

Microsoft Defender for Storage provides an additional layer of security intelligence that detects unusual and potentially harmful attempts to access or exploit storage accounts. Microsoft Defender for Storage ingests diagnostic logs of read, write, and delete requests to Blob storage and Files for threat detection. 


One way to verify the amount of transactions/day that were analyzed, is by using the Storage account blade, under Advanced Security, as shown below:




While this information can help you to estimate the overall cost of this solution per storage account, for large deployments where you have multiple storage accounts, this could be hard to consolidate.


With the intent to facilitate this calculation, you can leverage this script (from our GitHub community / written by Microsoft) to pull the Blob and File transactions metric from each storage account in a subscription or tenant. The results are exported to a csv. User can then use Excel to sort by account and calculate the total transactions for both services. This can then be used to calculate Microsoft Defender for Storage pricing. 


Note: you can use this automation as a base to enable Microsoft Defender for Storage on specific accounts.


1 Comment
Version history
Last update:
‎Oct 28 2021 12:26 AM
Updated by: