Azure Monitor 中的诊断设置的资源管理器模板示例
本文包含用于为 Azure 资源创建诊断设置的 Azure 资源管理器模板示例。 每个示例都包含模板文件和参数文件,其中包含要提供给模板的示例值。
若要为 Azure 资源创建诊断设置,请将 <resource namespace>/providers/diagnosticSettings
类型的资源添加到模板。 本文为某些资源类型提供了示例,但相同模式可以应用于其他资源类型。 对于每种资源类型,允许的日志和指标的收集有所不同。
注意
有关可用示例的列表以及在 Azure 订阅中部署这些示例的指南,请参阅 Azure Monitor 的 Azure 资源管理器示例。
活动日志的诊断设置
下面的示例将 Microsoft.Insights/diagnosticSettings
类型的资源添加到模板,从而为活动日志创建诊断设置。
重要
活动日志的诊断设置是针对订阅而非资源组(例如 Azure 资源的设置)创建的。 若要部署资源管理器模板,请使用适用于 PowerShell 的 New-AzSubscriptionDeployment
或适用于 Azure CLI 的 az deployment sub create
。
模板文件
targetScope = 'subscription'
@description('The name of the diagnostic setting.')
param settingName string
@description('The resource Id for the workspace.')
param workspaceId string
@description('The resource Id for the storage account.')
param storageAccountId string
@description('The resource Id for the event hub authorization rule.')
param eventHubAuthorizationRuleId string
@description('The name of the event hub.')
param eventHubName string
resource setting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: settingName
properties: {
workspaceId: workspaceId
storageAccountId: storageAccountId
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
logs: [
{
category: 'Administrative'
enabled: true
}
{
category: 'Security'
enabled: true
}
{
category: 'ServiceHealth'
enabled: true
}
{
category: 'Alert'
enabled: true
}
{
category: 'Recommendation'
enabled: true
}
{
category: 'Policy'
enabled: true
}
{
category: 'Autoscale'
enabled: true
}
{
category: 'ResourceHealth'
enabled: true
}
]
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"settingName": {
"value": "Send to all locations"
},
"workspaceId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourcegroups/MyResourceGroup/providers/microsoft.operationalinsights/workspaces/MyWorkspace"
},
"storageAccountId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount"
},
"eventHubAuthorizationRuleId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.EventHub/namespaces/MyNameSpace/authorizationrules/RootManageSharedAccessKey"
},
"eventHubName": {
"value": "my-eventhub"
}
}
}
Azure 数据资源管理器的诊断设置
下面的示例将 Microsoft.Kusto/clusters/providers/diagnosticSettings
类型的资源添加到模板,从而为 Azure 数据资源管理器群集创建诊断设置。
模板文件
param clusterName string
param settingName string
param workspaceId string
param storageAccountId string
param eventHubAuthorizationRuleId string
param eventHubName string
resource cluster 'Microsoft.Kusto/clusters@2022-02-01' existing = {
name: clusterName
}
resource setting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: settingName
scope: cluster
properties: {
workspaceId: workspaceId
storageAccountId: storageAccountId
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
metrics: []
logs: [
{
category: 'Command'
categoryGroup: null
enabled: true
retentionPolicy: {
enabled: false
days: 0
}
}
{
category: 'Query'
categoryGroup: null
enabled: true
retentionPolicy: {
enabled: false
days: 0
}
}
{
category: 'Journal'
categoryGroup: null
enabled: true
retentionPolicy: {
enabled: false
days: 0
}
}
{
category: 'SucceededIngestion'
categoryGroup: null
enabled: false
retentionPolicy: {
enabled: false
days: 0
}
}
{
category: 'FailedIngestion'
categoryGroup: null
enabled: false
retentionPolicy: {
enabled: false
days: 0
}
}
{
category: 'IngestionBatching'
categoryGroup: null
enabled: false
retentionPolicy: {
enabled: false
days: 0
}
}
{
category: 'TableUsageStatistics'
categoryGroup: null
enabled: false
retentionPolicy: {
enabled: false
days: 0
}
}
{
category: 'TableDetails'
categoryGroup: null
enabled: false
retentionPolicy: {
enabled: false
days: 0
}
}
]
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"clusterName": {
"value": "kustoClusterName"
},
"diagnosticSettingName": {
"value": "A new Diagnostic Settings configuration"
},
"workspaceId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourcegroups/MyResourceGroup/providers/microsoft.operationalinsights/workspaces/MyWorkspace"
},
"storageAccountId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount"
},
"eventHubAuthorizationRuleId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.EventHub/namespaces/MyNameSpace/authorizationrules/RootManageSharedAccessKey"
},
"eventHubName": {
"value": "myEventhub"
}
}
}
模板文件:启用“审核”类别组
param clusterName string
param settingName string
param workspaceId string
param storageAccountId string
param eventHubAuthorizationRuleId string
param eventHubName string
resource cluster 'Microsoft.Kusto/clusters@2022-02-01' existing = {
name: clusterName
}
resource setting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: settingName
scope: cluster
properties: {
workspaceId: workspaceId
storageAccountId: storageAccountId
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
logs: [
{
category: null
categoryGroup: 'audit'
enabled: true
retentionPolicy: {
enabled: false
days: 0
}
}
]
}
}
Azure Key Vault 的诊断设置
下面的示例将 Microsoft.KeyVault/vaults/providers/diagnosticSettings
类型的资源添加到模板,从而为 Azure Key Vault 的实例创建诊断设置。
重要
对于 Azure Key Vault,事件中心必须与密钥保管库位于同一区域。
模板文件
@description('The name of the diagnostic setting.')
param settingName string
@description('The name of the key vault.')
param vaultName string
@description('The resource Id of the workspace.')
param workspaceId string
@description('The resource Id of the storage account.')
param storageAccountId string
@description('The resource Id for the event hub authorization rule.')
param eventHubAuthorizationRuleId string
@description('The name of the event hub.')
param eventHubName string
resource vault 'Microsoft.KeyVault/vaults@2021-11-01-preview' existing = {
name: vaultName
}
resource setting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: settingName
scope: vault
properties: {
workspaceId: workspaceId
storageAccountId: storageAccountId
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
logs: [
{
category: 'AuditEvent'
enabled: true
}
]
metrics: [
{
category: 'AllMetrics'
enabled: true
}
]
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"settingName": {
"value": "Send to all locations"
},
"vaultName": {
"value": "MyVault"
},
"workspaceId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourcegroups/MyResourceGroup/providers/microsoft.operationalinsights/workspaces/MyWorkspace"
},
"storageAccountId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount"
},
"eventHubAuthorizationRuleId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.EventHub/namespaces/MyNameSpace/authorizationrules/RootManageSharedAccessKey"
},
"eventHubName": {
"value": "my-eventhub"
}
}
}
Azure SQL 数据库的诊断设置
下面的示例将 microsoft.sql/servers/databases/providers/diagnosticSettings
类型的资源添加到模板,从而为 Azure SQL 数据库的实例创建诊断设置。
模板文件
@description('The name of the diagnostic setting.')
param settingName string
@description('The name of the Azure SQL database server.')
param serverName string
@description('The name of the SQL database.')
param dbName string
@description('The resource Id of the workspace.')
param workspaceId string
@description('The resource Id of the storage account.')
param storageAccountId string
@description('The resource Id of the event hub authorization rule.')
param eventHubAuthorizationRuleId string
@description('The name of the event hub.')
param eventHubName string
resource dbServer 'Microsoft.Sql/servers@2021-11-01-preview' existing = {
name: serverName
}
resource db 'Microsoft.Sql/servers/databases@2021-11-01-preview' existing = {
parent: dbServer
name: dbName
}
resource setting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: settingName
scope: db
properties: {
workspaceId: workspaceId
storageAccountId: storageAccountId
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
logs: [
{
category: 'SQLInsights'
enabled: true
}
{
category: 'AutomaticTuning'
enabled: true
}
{
category: 'QueryStoreRuntimeStatistics'
enabled: true
}
{
category: 'QueryStoreWaitStatistics'
enabled: true
}
{
category: 'Errors'
enabled: true
}
{
category: 'DatabaseWaitStatistics'
enabled: true
}
{
category: 'Timeouts'
enabled: true
}
{
category: 'Blocks'
enabled: true
}
{
category: 'Deadlocks'
enabled: true
}
]
metrics: [
{
category: 'Basic'
enabled: true
}
{
category: 'InstanceAndAppAdvanced'
enabled: true
}
{
category: 'WorkloadManagement'
enabled: true
}
]
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"settingName": {
"value": "Send to all locations"
},
"serverName": {
"value": "MySqlServer"
},
"dbName": {
"value": "MySqlDb"
},
"workspaceId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourcegroups/MyResourceGroup/providers/microsoft.operationalinsights/workspaces/MyWorkspace"
},
"storageAccountId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount"
},
"eventHubAuthorizationRuleId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.EventHub/namespaces/MyNameSpace/authorizationrules/RootManageSharedAccessKey"
},
"eventHubName": {
"value": "my-eventhub"
}
}
}
Azure SQL 托管实例的诊断设置
下面的示例将 microsoft.sql/managedInstances/providers/diagnosticSettings
类型的资源添加到模板,从而为 Azure SQL 托管实例的实例创建诊断设置。
模板文件
param sqlManagedInstanceName string
param diagnosticSettingName string
param diagnosticWorkspaceId string
param storageAccountId string
param eventHubAuthorizationRuleId string
param eventHubName string
resource instance 'Microsoft.Sql/managedInstances@2021-11-01-preview' existing = {
name: sqlManagedInstanceName
}
resource setting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: diagnosticSettingName
scope: instance
properties: {
workspaceId: diagnosticWorkspaceId
storageAccountId: storageAccountId
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
logs: [
{
category: 'ResourceUsageStats'
enabled: true
}
{
category: 'DevOpsOperationsAudit'
enabled: true
}
{
category: 'SQLSecurityAuditEvents'
enabled: true
}
]
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"sqlManagedInstanceName": {
"value": "MyInstanceName"
},
"diagnosticSettingName": {
"value": "Send to all locations"
},
"diagnosticWorkspaceId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourcegroups/MyResourceGroup/providers/microsoft.operationalinsights/workspaces/MyWorkspace"
},
"storageAccountId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount"
},
"eventHubAuthorizationRuleId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.EventHub/namespaces/MyNameSpace/authorizationrules/RootManageSharedAccessKey"
},
"eventHubName": {
"value": "myEventhub"
}
}
}
Azure SQL 数据库的托管实例的诊断设置
下面的示例将 microsoft.sql/managedInstances/databases/providers/diagnosticSettings
类型的资源添加到模板,从而为 Azure SQL 数据库的托管实例创建诊断设置。
模板文件
param sqlManagedInstanceName string
param sqlManagedDatabaseName string
param diagnosticSettingName string
param diagnosticWorkspaceId string
param storageAccountId string
param eventHubAuthorizationRuleId string
param eventHubName string
resource dbInstance 'Microsoft.Sql/managedInstances@2021-11-01-preview' existing = {
name:sqlManagedInstanceName
}
resource db 'Microsoft.Sql/managedInstances/databases@2021-11-01-preview' existing = {
name: sqlManagedDatabaseName
parent: dbInstance
}
resource setting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: diagnosticSettingName
scope: db
properties: {
workspaceId: diagnosticWorkspaceId
storageAccountId: storageAccountId
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
logs: [
{
category: 'SQLInsights'
enabled: true
}
{
category: 'QueryStoreRuntimeStatistics'
enabled: true
}
{
category: 'QueryStoreWaitStatistics'
enabled: true
}
{
category: 'Errors'
enabled: true
}
]
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"sqlManagedInstanceName": {
"value": "MyInstanceName"
},
"sqlManagedDatabaseName": {
"value": "MyManagedDatabaseName"
},
"diagnosticSettingName": {
"value": "Send to all locations"
},
"diagnosticWorkspaceId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourcegroups/MyResourceGroup/providers/microsoft.operationalinsights/workspaces/MyWorkspace"
},
"storageAccountId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount"
},
"eventHubAuthorizationRuleId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.EventHub/namespaces/MyNameSpace/authorizationrules/RootManageSharedAccessKey"
},
"eventHubName": {
"value": "myEventhub"
}
}
}
恢复服务保管库的诊断设置
下面的示例将 microsoft.recoveryservices/vaults/providers/diagnosticSettings
类型的资源添加到模板,从而为 Azure 恢复服务保管库创建诊断设置。 此示例指定收集模式,如 Azure 资源日志中所述。 为 logAnalyticsDestinationType
属性指定 Dedicated
或 AzureDiagnostics
。
模板文件
param recoveryServicesName string
param settingName string
param workspaceId string
param storageAccountId string
param eventHubAuthorizationRuleId string
param eventHubName string
resource vault 'Microsoft.RecoveryServices/vaults@2021-08-01' existing = {
name: recoveryServicesName
}
resource setting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: settingName
scope: vault
properties: {
workspaceId: workspaceId
storageAccountId: storageAccountId
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
logs: [
{
category: 'AzureBackupReport'
enabled: false
}
{
category: 'CoreAzureBackup'
enabled: true
}
{
category: 'AddonAzureBackupJobs'
enabled: true
}
{
category: 'AddonAzureBackupAlerts'
enabled: true
}
{
category: 'AddonAzureBackupPolicy'
enabled: true
}
{
category: 'AddonAzureBackupStorage'
enabled: true
}
{
category: 'AddonAzureBackupProtectedInstance'
enabled: true
}
{
category: 'AzureSiteRecoveryJobs'
enabled: false
}
{
category: 'AzureSiteRecoveryEvents'
enabled: false
}
{
category: 'AzureSiteRecoveryReplicatedItems'
enabled: false
}
{
category: 'AzureSiteRecoveryReplicationStats'
enabled: false
}
{
category: 'AzureSiteRecoveryRecoveryPoints'
enabled: false
}
{
category: 'AzureSiteRecoveryReplicationDataUploadRate'
enabled: false
}
{
category: 'AzureSiteRecoveryProtectedDiskDataChurn'
enabled: false
}
]
logAnalyticsDestinationType: 'Dedicated'
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"settingName": {
"value": "Send to all locations"
},
"recoveryServicesName": {
"value": "my-vault"
},
"workspaceId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourcegroups/MyResourceGroup/providers/microsoft.operationalinsights/workspaces/MyWorkspace"
},
"storageAccountId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount"
},
"eventHubAuthorizationRuleId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.EventHub/namespaces/MyNameSpace/authorizationrules/RootManageSharedAccessKey"
},
"eventHubName": {
"value": "my-eventhub"
}
}
}
Log Analytics 工作区的诊断设置
下面的示例将 Microsoft.OperationalInsights/workspaces/providers/diagnosticSettings
类型的资源添加到模板,从而为 Log Analytics 工作区创建诊断设置。 本示例将有关在工作区中执行的查询的审核数据发送到同一工作区。
模板文件
param workspaceName string
param settingName string
param workspaceId string
param storageAccountId string
param eventHubAuthorizationRuleId string
param eventHubName string
resource workspace 'Microsoft.OperationalInsights/workspaces@2021-12-01-preview' existing = {
name: workspaceName
}
resource setting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: settingName
scope: workspace
properties: {
workspaceId: workspaceId
storageAccountId: storageAccountId
eventHubAuthorizationRuleId: eventHubAuthorizationRuleId
eventHubName: eventHubName
logs: [
{
category: 'Audit'
enabled: true
}
]
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"settingName": {
"value": "Send to all locations"
},
"workspaceName": {
"value": "MyWorkspace"
},
"workspaceId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourcegroups/MyResourceGroup/providers/microsoft.operationalinsights/workspaces/MyWorkspace"
},
"storageAccountId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.Storage/storageAccounts/mystorageaccount"
},
"eventHubAuthorizationRuleId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourceGroups/MyResourceGroup/providers/Microsoft.EventHub/namespaces/MyNameSpace/authorizationrules/RootManageSharedAccessKey"
},
"eventHubName": {
"value": "my-eventhub"
}
}
}
Azure 存储的诊断设置
以下示例为 Azure 存储帐户中提供的每个存储服务终结点创建诊断设置。 设置应用于帐户中可用的每个单独存储服务。 可用的存储服务取决于存储帐户的类型。
此模板仅在帐户中存在存储服务时,才会为该帐户创建诊断设置。 对于提供的每项服务,诊断设置将启用事务指标以及资源日志集合,以进行读取、写入和删除操作。
模板文件
main.bicep
param storageAccountName string
param settingName string
param storageSyncName string
param workspaceId string
module nested './module.bicep' = {
name: 'nested'
params: {
endpoints: reference(resourceId('Microsoft.Storage/storageAccounts', storageAccountName), '2019-06-01', 'Full').properties.primaryEndpoints
settingName: settingName
storageAccountName: storageAccountName
storageSyncName: storageSyncName
workspaceId: workspaceId
}
}
module.bicep
param endpoints object
param settingName string
param storageAccountName string
param storageSyncName string
param workspaceId string
var hasblob = contains(endpoints, 'blob')
var hastable = contains(endpoints, 'table')
var hasfile = contains(endpoints, 'file')
var hasqueue = contains(endpoints, 'queue')
resource storageAccount 'Microsoft.Storage/storageAccounts@2021-09-01' existing = {
name: storageAccountName
}
resource diagnosticSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: settingName
scope: storageAccount
properties: {
workspaceId: workspaceId
storageAccountId: resourceId('Microsoft.Storage/storageAccounts', storageSyncName)
metrics: [
{
category: 'Transaction'
enabled: true
}
]
}
}
resource blob 'Microsoft.Storage/storageAccounts/blobServices@2021-09-01' existing = {
name:'default'
parent:storageAccount
}
resource blobSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (hasblob) {
name: settingName
scope: blob
properties: {
workspaceId: workspaceId
storageAccountId: resourceId('Microsoft.Storage/storageAccounts', storageSyncName)
logs: [
{
category: 'StorageRead'
enabled: true
}
{
category: 'StorageWrite'
enabled: true
}
{
category: 'StorageDelete'
enabled: true
}
]
metrics: [
{
category: 'Transaction'
enabled: true
}
]
}
}
resource table 'Microsoft.Storage/storageAccounts/tableServices@2021-09-01' existing = {
name:'default'
parent:storageAccount
}
resource tableSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (hastable) {
name: settingName
scope: table
properties: {
workspaceId: workspaceId
storageAccountId: resourceId('Microsoft.Storage/storageAccounts', storageSyncName)
logs: [
{
category: 'StorageRead'
enabled: true
}
{
category: 'StorageWrite'
enabled: true
}
{
category: 'StorageDelete'
enabled: true
}
]
metrics: [
{
category: 'Transaction'
enabled: true
}
]
}
}
resource file 'Microsoft.Storage/storageAccounts/fileServices@2021-09-01' existing = {
name:'default'
parent:storageAccount
}
resource fileSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (hasfile) {
name: settingName
scope: file
properties: {
workspaceId: workspaceId
storageAccountId: resourceId('Microsoft.Storage/storageAccounts', storageSyncName)
logs: [
{
category: 'StorageRead'
enabled: true
}
{
category: 'StorageWrite'
enabled: true
}
{
category: 'StorageDelete'
enabled: true
}
]
metrics: [
{
category: 'Transaction'
enabled: true
}
]
}
}
resource queue 'Microsoft.Storage/storageAccounts/queueServices@2021-09-01' existing = {
name:'default'
parent:storageAccount
}
resource queueSetting 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = if (hasqueue) {
name: settingName
scope: queue
properties: {
workspaceId: workspaceId
storageAccountId: resourceId('Microsoft.Storage/storageAccounts', storageSyncName)
logs: [
{
category: 'StorageRead'
enabled: true
}
{
category: 'StorageWrite'
enabled: true
}
{
category: 'StorageDelete'
enabled: true
}
]
metrics: [
{
category: 'Transaction'
enabled: true
}
]
}
}
参数文件
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"storageAccountName": {
"value": "mymonitoredstorageaccount"
},
"settingName": {
"value": "Send to all locations"
},
"storageSyncName": {
"value": "mystorageaccount"
},
"workspaceId": {
"value": "/subscriptions/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/resourcegroups/MyResourceGroup/providers/microsoft.operationalinsights/workspaces/MyWorkspace"
}
}
}