We want to add Azure cloud compute audit logs to Data Lake. For Virtual Machines, these would be Event Logs, and include one-time historical and ongoing. We want to do this for auditing purposes. Is there an option we can enable for this? We are trying to avoid having to feed this data by manually extracting and then loading the data ourselves. So if there is an option in place, that would be ideal!!
I looked into the possibility of ETW Events, but isn't that just useful at the application level and not the VM level?
I've also looked at this thread, and there was a comment referring to an alternative solution called "Log Analytics" from Azure, but clicking the link leads to an unknown page.
You can use the Azure diagnostic extension, an agent in Azure Monitor that collects monitoring data from the guest operating system.
Go to Azure Portal, select your VM, under Monitoring section select Diagnostic Settings.
Configure the Event logs you need and sink (ADLS).
Select Logs.
Select your App Insights account where you want to route logs.
Find logs in your data storage as tables.
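
A scripted counterpart to the portal steps in the answer above, added here as an example and not part of the original answer: it enables the Windows diagnostics extension with an event-log configuration that includes Security audit success and failure events. The resource group, VM and storage account names are placeholders, the file name is arbitrary, and the storage account is assumed to be in the same subscription as the VM.

```powershell
# Added example. Requires the Az.Compute module and an authenticated session (Connect-AzAccount).
# Placeholder names: replace with your own values.
$ResourceGroup  = '<resource-group>'
$VmName         = '<vm-name>'
$StorageAccount = '<storage-account>'   # assumed: same subscription as the VM

# Public configuration for the diagnostics extension.
# Each DataSource is "<channel>!<XPath filter>".
$config = @{
    PublicConfig = @{
        WadCfg = @{
            DiagnosticMonitorConfiguration = @{
                overallQuotaInMB = 4096
                WindowsEventLog  = @{
                    scheduledTransferPeriod = 'PT1M'   # upload to storage every minute
                    DataSource = @(
                        # Security channel: Audit Success + Audit Failure keyword bits
                        @{ name = 'Security!*[System[(band(Keywords,13510798882111488))]]' }
                        # System and Application: Critical, Error, Warning
                        @{ name = 'System!*[System[(Level=1 or Level=2 or Level=3)]]' }
                        @{ name = 'Application!*[System[(Level=1 or Level=2 or Level=3)]]' }
                    )
                }
            }
        }
        StorageAccount = $StorageAccount
    }
}

# Write the configuration to a JSON file the cmdlet can read.
$configPath = Join-Path $env:TEMP 'wad-eventlog-config.json'
$config | ConvertTo-Json -Depth 10 | Set-Content -Path $configPath

# Install or update the extension on the VM with this configuration.
Set-AzVMDiagnosticsExtension -ResourceGroupName $ResourceGroup `
    -VMName $VmName `
    -DiagnosticsConfigurationPath $configPath `
    -StorageAccountName $StorageAccount

# Check that the extension was provisioned.
Get-AzVMDiagnosticsExtension -ResourceGroupName $ResourceGroup -VMName $VmName |
    Select-Object Name, ProvisioningState
```

With this configuration the collected events are written to the `WADWindowsEventLogsTable` table in the storage account.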