Is it possible to validate or check who has created/deleted resources apart from the azure resources group Audit log or deployment group?
As per my understanding system will hold an audit log for not more than 3 months.
And what in case someone deletes a resources group.. how to track who has deleted etc.
Appreciate your input/guidance or the best approach to capture such details.
CodePudding user response:
All activities, including de deletion of resource groups, are recorded in the
As per my understanding system will hold an audit log for not more than 3 months.
You can setup a continuous export of the Activity Log to for example a storage account or a Log Analytics Workspace. The retention for a Log Analytics Workspace can be set to a maximum of 730 days.
If you route the logs to a storage account you can have unlimited storage retention.
CodePudding user response:
- *As far as I know and as per the document, we don't have any way other than Azure Activity logs to find out the information related to activities done.
- And as you already know we have 90days of retention time but if you want to get longer retention time you can create diagnostic setting and route to different locations.
- Here is the Document which will help you in creating diagnostic settings. *