Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community

which connector/table can I see Azure CLI issued commands?

Brass Contributor

I would like to know how to monitor Azure CLI. The 'Security Events' is not for it. The 'AzureActivity' was supposed to have it, but no. Anyone with experience on it?

4 Replies

@jjsantanna: AzureActity would not include the PowerShell commands as you type them, but will include the resulting API calls. 

@Ofer_Shezaf 

 

Is there a table or method to log/track Log Analytics Scheduled Queries ? So we know if those scheduled queries running in the background are succeeding, failing, timing out..

@majo01: Not at this time. We are working to add this capability.  

@Ofer_Shezaf 

I'm thinking of a workaround to monitor the scheduled log analytics rules as following. Is it feasible ?:

 

- creating a special log analytics rule whose condition is always true and will always result in alert, for example( Syslog | limit 10000) in an environment where we know it always has 10k syslog records.

- schedule the rule every 5 mins, so we expect an alert to be always generated every 5 mins.

- Monitor the generated alerts; if there is no alert at one of the rule runs , then there must be a service issue or latency issue, which is the case we want to capture.

- Optional: if the alert timestamps are consistent, we can find how long the rule run took to finish (comparing ProcessingEndTime with EndTime).

 

?