Deep Dive: Subscription Activity Logs are being archived to a storage account (Azure)

  • Updated

This article provide more information on how to resolve alerts for the monitor Subscription Activity Logs are being archived to a storage account (Azure).

 

How to Fix:

1. Navigate to the Azure subscription that you would like to set this up for from here

2. Select "Activity log" and then "Export Activity Logs":

AzureActivityLogs.png

3.Select "Add diagnostic setting":

4. Select the categories of logs to send to a storage account in the same subscription that you are creating the logs for:

DiagSettingsAzure.png

5. Click the "Save" option on the top left

 

Common Reasons For Failure:

1. The storage account that you are sending this data to is not in scope in Vanta. Due to the nature of the logs that get created in Azure, the storage account hosting this data should be in scope in Vanta. Navigate to the integrations page in Vanta, select "configure scope" for Azure, and ensure that the storage account is in scope.

2. The storage account selected to send this data to is not in the same subscription for the logs it is creating. Ensure that you are sending this data to a storage account in the same subscription

 

Reading the test data:

The test data for this test will show the Azure subscription, as well as the accounts Vanta sees Activity Logs being routed to in that subscription. Ensure that you aren't running into any of the two common reasons for failure above for the accounts listed:

AzureLogsTestData.png

 

Was this article helpful?

Have more questions? Submit a request