Hi @Porter76,

as far as I know, Microsoft Azure does provide the capability to monitor and track the creation of new Azure subscriptions but not with Sentinel rather using Log analytics and Azure Logic App.

Here is an interesting article how to achive that:

Monitoring for Azure Subscription Creation - Microsoft Community Hub
Azure Activity connector for Microsoft Sentinel | Microsoft Learn

You can see when a new Subscription starts to write data (which could be after its created/enabled)

An example, which compares any seen in the last month -1day to the SubscriotionIDs seen today, so any new one in the past 24hrs must be newly active:

let lastMonth = (
AzureActivity
| where TimeGenerated between(ago(30d) .. endofday(ago(1d)))
| distinct SubscriptionId
);
AzureActivity
| where TimeGenerated > ago(1d)
| where SubscriptionId !in(lastMonth)
| distinct SubscriptionId, TimeGenerated