I'm trying to use "Set-AzDiagnosticSetting" to define for example an PublicIP, I would like to do the same for the other objects too, but currently I`m testing on this.
If you go within GUI: PublicIP -> Diagnostic Settings -> Add Diagnostic Settings -> Name -> Stream to an event Hub -> Chose Event Hub NameSpace -> Event Hub Name -> Event Hub Policy -> Click Ok Select from log -> DDoSProtectionNotifications, DDoSMitigationFlowLogs, DDoSMitigationReports from metric -> All Metrics -> click Ok -> Click Save and voila the Diagnostic Setting Name has been created.
How can I write this in Azure CLI to get it work in a code as I can't nail it:
Set-AzDiagnosticSetting -ResourceId $resID -Enabled $True -Name "IPDiagnostic" -EventHubName $eveH -Category "DDoSProtectionNotifications","DDoSMitigationFlowLogs", "DDoSMitigationReports" -EventHubAuthorizationRuleId "RootManageSharedAccessKey"
I don't know which are the options that I have to fill in this command to make it work: https://learn.microsoft.com/en-us/powershell/module/az.monitor/set-azdiagnosticsetting?view=azps-3.0.0
Thank you!
az monitor diagnostic-settings create --resource "/subscriptions/…/ResourceGroup/providers/Microsoft.Network/publicIPAddresses/NameOfTheResource" \
-n "IpDiagnostic" \
--event-hub-rule "/subscriptions/…/LogPipeline/providers/Microsoft.EventHub/namespaces/LogsSentToHub/eventhubs/IpDiagnosticlog/authorizationrules/RootManageSharedAccessKey" \
--event-hub /subscriptions/…/LogPipeline/providers/Microsoft.EventHub/namespaces/LogsSentToHub/eventhubs/IpDiagnosticlog " \
--logs '[
{
"category": "DDoSProtectionNotifications",
"enabled": true,
"retentionPolicy": {
"days": 0,
"enabled": false
}
},
{
"category": "DDoSMitigationFlowLogs",
"enabled": true,
"retentionPolicy": {
"days": 0,
"enabled": false
}
},
{
"category": "DDoSMitigationReports",
"enabled": true,
"retentionPolicy": {
"days": 0,
"enabled": false
}
}
]'
--metrics '[
{
"category": "AllMetrics",
"enabled": false,
"retentionPolicy": {
"days": 0,
"enabled": false
},
"timeGrain": null
}
]'
Hello and welcome to Stack Overflow!
There are two variants in which you can issue this command through Azure CLI, i.e., using either a Storage account as the sink, or an Event Hub (with an Event Hub rule):
Using a Storage Account:
az monitor diagnostic-settings create --resource /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Automation/automationAccounts/xxxxx -n testehcli --storage-account /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Storage/storageAccounts/xxxxx
--logs '[
{
"category": "JobStreams",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
--metrics '[
{
"category": "AllMetrics",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
Using a Event Hub:
az monitor diagnostic-settings create --resource /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Automation/automationAccounts/xxxxx -n testehcli --event-hub /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.EventHub/namespaces/xxxxx --event-hub-rule /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.EventHub/namespaces/xxxxx/AuthorizationRules/xxxxx
--logs '[
{
"category": "JobStreams",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
--metrics '[
{
"category": "AllMetrics",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
To know more about what each of the options mean, please check the command reference here. If you still run into issues, please feel free to post the error detail possibly also including a screenshot and we can troubleshoot it further. Hope this helps!