Azure Monitor 日志中支持转换的表

Note

我们正在添加对更多表的支持。请定期查看本文。

Table	Limitations
AACAudit
AACHttpRequest
AADB2CRequestLogs
AADCustomSecurityAttributeAuditLogs
AADDomainServicesAccountLogon
AADDomainServicesAccountManagement
AADDomainServicesDirectoryServiceAccess
AADDomainServicesDNSAuditsDynamicUpdates
AADDomainServicesDNSAuditsGeneral
AADDomainServicesLogonLogoff
AADDomainServicesPolicyChange
AADDomainServicesPrivilegeUse
AADFirstPartyToFirstPartySignInLogs
AADManagedIdentitySignInLogs
AADNonInteractiveUserSignInLogs
AADProvisioningLogs
AADRiskyServicePrincipals
AADRiskyUsers
AADServicePrincipalRiskEvents
AADServicePrincipalSignInLogs
AADUserRiskEvents
ABAPAuditLog
ABAP授权详细信息
ABAP更改文档日志
ABAP用户详情
ABSBotRequests
ACICollaborationAudit
ACRConnectedClientList
ACREntraAuthenticationAuditLog
ACSAdvancedMessagingOperations
ACSAuthIncomingOperations
ACSBillingUsage
ACSCallAutomationIncomingOperations
ACSCallAutomationMediaSummary
ACSCallClientMediaStatsTimeSeries
ACSCallClientOperations
ACSCallClosedCaptionsSummary
ACSCallDiagnostics
ACS通话诊断更新
ACSCallingMetrics
ACSCallRecordingIncomingOperations
ACSCallRecordingSummary
ACSCallSummary
ACSCallSummaryUpdates
ACSCallSurvey
ACSChatIncomingOperations
ACSEmailSendMailOperational
ACSEmailStatusUpdateOperational
ACSEmailUserEngagementOperational
ACSJobRouterIncomingOperations
ACSRoomsIncomingOperations
ACSSMSIncomingOperations
ADAssessmentRecommendation
AddonAzureBackupAlerts
AddonAzureBackupJobs
AddonAzureBackupPolicy
AddonAzureBackupProtectedInstance
AddonAzureBackupStorage
ADFActivityRun
ADFAirflowSchedulerLogs
ADFAirflowTaskLogs
ADFAirflowWebLogs
ADFAirflowWorkerLogs
ADFPipelineRun
ADFSandboxActivityRun
ADFSandboxPipelineRun
ADFSSignInLogs
ADFSSISIntegrationRuntimeLogs
ADFSSISPackageEventMessageContext
ADFSSISPackageEventMessages
ADFSSISPackageExecutableStatistics
ADFSSISPackageExecutionComponentPhases
ADFSSISPackageExecutionDataStatistics
ADFTriggerRun
ADPAudit
ADPDiagnostics
ADPRequests
ADReplicationResult
ADSecurityAssessmentRecommendation
ADTDataHistoryOperation
ADTDigitalTwinsOperation
ADTModelsOperation
ADTQueryOperation
ADXCommand
ADXJournal
ADXQuery
ADXTableDetails
ADXTableUsageStatistics
AegDataPlaneRequests
AegDeliveryFailureLogs
AegPublishFailureLogs
AEWAssignmentBlobLogs
AEWAuditLogs
AEWComputePipelinesLogs
AEWExperimentAssignmentSummary
AEWExperimentScorecardMetricPairs
AEWExperimentScorecards
AFDAccessLog
AFDClassicCdnAccessLog
AFDHealthProbeLog
AFDWebApplicationFirewallLog
AFSAuditLogs
AGCAccessLogs
AggregatedSecurityAlert
AgriFoodApplicationAuditLogs
AgriFoodFarmManagementLogs
AgriFoodFarmOperationLogs
AgriFoodInsightLogs
AgriFoodJobProcessedLogs
AgriFoodModelInferenceLogs
AgriFoodProviderAuthLogs
AgriFoodSatelliteLogs
AgriFoodSensorManagementLogs
AgriFoodWeatherLogs
AGSGrafanaLoginEvents
AGSGrafanaUsageInsightsEvents
AGWAccessLogs
AGWFirewallLogs
AGWPerformanceLogs
AHDSDeidAuditLogs
AHDSDicomAuditLogs
AHDSDicomDiagnosticLogs
AHDSMedTechDiagnosticLogs
AirflowDagProcessingLogs
AKSAudit
AKSAuditAdmin
AKSControlPlane
ALBHealthEvent
Alert
AlertEvidence
AlertInfo
AMATelemetryEvents
AmlComputeClusterEvent
AmlComputeCpuGpuUtilization
AmlComputeInstanceEvent
AmlComputeJobEvent
AmlDataLabelEvent
AmlDataSetEvent
AmlDataStoreEvent
AmlDeploymentEvent
AmlEnvironmentEvent
AmlInferencingEvent
AmlModelsEvent
AmlOnlineEndpointConsoleLog
AmlOnlineEndpointEventLog
AmlOnlineEndpointTrafficLog
AmlPipelineEvent
AmlRegistryReadEventsLog
AmlRegistryWriteEventsLog
AmlRunEvent
AmlRunStatusChangedEvent
AMSKeyDeliveryRequests
AMSLiveEventOperations
AMSMediaAccountHealth
AMSStreamingEndpointRequests
AMWMetricsUsageDetails
ANFFileAccess
Anomalies
AOIDatabaseQuery
AOIDigestion
AOIStorage
ApiManagementGatewayLlmLog
ApiManagementGatewayLogs
APIMDevPortalAuditDiagnosticLog
AppAvailabilityResults
AppBrowserTimings
AppCenterError
AppDependencies
AppEvents
AppExceptions
AppMetrics
AppPageViews
AppPerformanceCounters
AppPlatformIngressLogs
AppPlatformLogsforSpring
AppPlatformSystemLogs
AppRequests
AppServiceAntivirusScanAuditLogs
AppServiceAppLogs
AppServiceAuditLogs
AppServiceAuthenticationLogs
AppServiceConsoleLogs
AppServiceEnvironmentPlatformLogs
AppServiceFileAuditLogs
AppServiceHTTPLogs
AppServiceIPSecAuditLogs
AppServicePlatformLogs
AppServiceServerlessSecurityPluginData
AppSystemEvents
AppTraces
ArcK8sAudit
ArcK8sAuditAdmin
ArcK8sControlPlane
ASCAuditLogs
ASCDeviceEvents
ASimAuditEventLogs
ASimAuthenticationEventLogs
ASimDhcpEventLogs
ASimDnsActivityLogs
ASimFileEventLogs
ASimNetworkSessionLogs
ASimProcessEventLogs
ASimRegistryEventLogs
ASimUserManagementActivityLogs
ASimWebSessionLogs
ASRJobs
ASRReplicatedItems
ASRv2HealthEvents
ASRv2JobEvents
ASRv2保护项
ASRv2ReplicationExtensions
ASRv2ReplicationPolicies
ASRv2ReplicationVaults
ATCExpressRouteCircuitIpfix
ATCMicrosoftPeeringMetadata
ATCPrivatePeeringMetadata
AuditLogs
AutoscaleEvaluationsLog
AutoscaleScaleActionsLog
AVNMConnectivityConfigurationChange
AVNMIPAMPoolAllocationChange
AVNMNetworkGroupMembershipChange
AVNMRuleCollectionChange
AVSEsxiFirewallSyslog
AVSEsxiSyslog
AVSNsxEdgeSyslog
AVSNsxManagerSyslog
AVSSyslog
AVSVcSyslog
AWSCloudTrail
AWSCloudTrailCCP
AWSCloudWatch
AWSCloudWatchCCP
AWSGuardDuty
AWSGuardDutyCCP
AWSNetworkFirewallAlert
AWSNetworkFirewallFlow
AWSNetworkFirewallTls
AWSRoute53Resolver
AWSS3ServerAccess
AWSSecurityHubFindings
AWSVPCFlow
AWSVPCFlowLogsCCP
AWSWAF
AZFWApplicationRule
AZFWApplicationRuleAggregation
AZFWDnsQuery
AZFWDnsQuery
AZFWFatFlow
AZFWFatFlow
AZFWFlowTrace
AZFWFlowTrace
AZFWIdpsSignature
AZFWIdpsSignature
AZFWInternalFqdnResolutionFailure
AZFWInternalFqdnResolutionFailure
AZFWNatRule
AZFWNatRuleAggregation
AZFWNetworkRule
AZFWNetworkRuleAggregation
AZFWThreatIntel
AZKVPolicyEvaluationDetailsLogs
AZMSApplicationMetricLogs
AZMSArchiveLogs
AZMSAutoscaleLogs
AZMSCustomerManagedKeyUserLogs
AZMSDiagnosticErrorLogs
AZMSHybridConnectionsEvents
AZMSKafkaCoordinatorLogs
AZMSKafkaUserErrorLogs
AZMSOperationalLogs
AZMSRunTimeAuditLogs
AZMSVnetConnectionEvents
AzureAssessmentRecommendation
AzureAttestationDiagnostics
AzureBackupOperations
AzureDevOpsAuditing
AzureLoadTestingOperation
AzureLogAnalyticsIngestionDiagnosticLogs
BehaviorAnalytics
BehaviorEntities
BehaviorInfo
BlockchainApplicationLog
BlockchainProxyLog
CampaignInfo
CassandraAudit
CassandraLogs
CCFApplicationLogs
CDBCassandraRequests
CDBControlPlaneRequests
CDBDataPlaneRequests
CDBGremlinRequests
CDBMongoRequests
CDBPartitionKeyRUConsumption
CDBPartitionKeyStatistics
CDBQueryRuntimeStatistics
CDBTableApiRequests
ChaosStudioExperimentEventLogs
CIEventsAudit
CIEventsOperational
CloudAppEvents
CloudHsmServiceOperationAuditLogs
CommonSecurityLog
通信合规活动
ComputerGroup
ConfidentialWatchlist
ConfigurationChange
ConfigurationData	部分支持 - 有些数据是通过不受支持的内部服务引入的。
ContainerAppConsoleLogs
ContainerAppSystemLogs
ContainerEvent
ContainerImageInventory
ContainerInstanceLog
ContainerInventory
ContainerLog
ContainerLogV2
ContainerNodeInventory
ContainerRegistryLoginEvents
ContainerRegistryRepositoryEvents
ContainerServiceLog
CoreAzureBackup
CosmosDBPostgresLogs
CrowdStrikeAlerts
CrowdStrikeDetections
CrowdStrikeHosts
CrowdStrikeIncidents
CrowdStrikeVulnerabilities
CSARequestResponse
DatabricksAccounts
DatabricksApps
DatabricksBrickStoreHttpGateway
DatabricksBudgetPolicyCentral
DatabricksCloudStorageMetadata
DatabricksClusterPolicies
DatabricksClusters
DatabricksDashboards
DatabricksDataMonitoring
DatabricksDataRooms
DatabricksDBFS
DatabricksFeatureStore
DatabricksFiles
DatabricksFilesystem
DatabricksGenie
DatabricksGlobalInitScripts
DatabricksGroups
DatabricksIngestion
DatabricksInstancePools
DatabricksJobs
DatabricksLakeviewConfig
DatabricksLineageTracking
DatabricksMarketplaceConsumer
DatabricksMarketplaceProvider
DatabricksMLflowAcledArtifact
DatabricksMLflowExperiment
DatabricksNotebook
DatabricksOnlineTables
DatabricksPredictiveOptimization
DatabricksRBAC
DatabricksRemoteHistoryService
DatabricksRFA
DatabricksSecrets
DatabricksSQLPermissions
DatabricksSSH
DatabricksVectorSearch
DatabricksWebhookNotifications
DatabricksWorkspace
DatabricksWorkspaceFiles
DataTransferOperations
DataverseActivity
DCPlanBillingEventLogs
DCRLogErrors
DefenderForSqlAlerts
DefenderForSqlTelemetry
DevCenterBillingEventLogs
DevCenterDiagnosticLogs
DevCenterResourceOperationLogs
DeviceEvents
DeviceFileCertificateInfo
DeviceFileEvents
DeviceImageLoadEvents
DeviceInfo
DeviceLogonEvents
DeviceNetworkEvents
DeviceNetworkInfo
DeviceProcessEvents
DeviceRegistryEvents
DeviceTvmSecureConfigurationAssessment
DeviceTvmSecureConfigurationAssessmentKB
DeviceTvmSoftwareInventory
DeviceTvmSoftwareVulnerabilities
DeviceTvmSoftwareVulnerabilitiesKB
DFPPurchaseLogs
DnsAuditEvents
DnsEvents
DnsInventory
DNSQueryLogs
DSMDataClassificationLogs
DSMDataLabelingLogs
DummyHydrationFact
DynamicEventCollection
Dynamics365Activity
EGNFailedHttpDataPlaneOperations
EGNFailedMqttConnections
EGNFailedMqttPublishedMessages
EGNFailedMqttSubscriptions
EGNMqttDisconnections
EGNSuccessfulHttpDataPlaneOperations
EGNSuccessfulMqttConnections
EmailAttachmentInfo
EmailEvents
EmailPostDeliveryEvents
EmailUrlInfo
增强版Microsoft365审核日志
Event	部分支持。完全支持来自 Log Analytics 代理 (MMA) 或 Azure Monitor 代理 (AMA) 的数据。通过 Azure 存储收集来自诊断扩展的数据。不支持此路径。
ExchangeAssessmentRecommendation
ExchangeOnlineAssessmentRecommendation
FailedIngestion
FileMaliciousContentInfo
FSPGPGBouncer
FunctionAppLogs
GCPApigee
GCPAuditLogs
GCPCDN
GCPCloudRun
GCPCloudSQL
GCPComputeEngine
GCPDNS
GCPFirewallLogs
GCPIAM
GCPIDS
GCPLoadBalancer
GCPMonitoring
GCPNAT
GCPNATAudit
GCPResourceManager
GCPVPCFlow
GKEAPIServer
GKEApplication
GKEAudit
GKEControllerManager
GKEHPADecision
GKEScheduler
GoogleCloudSCC
GoogleWorkspaceReports
HDInsightAmbariClusterAlerts
HDInsightAmbariSystemMetrics
HDInsightGatewayAuditLogs
HDInsightHadoopAndYarnLogs
HDInsightHadoopAndYarnMetrics
HDInsightHBaseLogs
HDInsightHBaseMetrics
HDInsightHiveAndLLAPLogs
HDInsightHiveAndLLAPMetrics
HDInsightHiveTezAppStats
HDInsightKafkaLogs
HDInsightKafkaMetrics
HDInsightOozieLogs
HDInsightSecurityLogs
HDInsightSparkApplicationEvents
HDInsightSparkBlockManagerEvents
HDInsightSparkEnvironmentEvents
HDInsightSparkExecutorEvents
HDInsightSparkExtraEvents
HDInsightSparkJobEvents
HDInsightSparkLogs
HDInsightSparkSQLExecutionEvents
HDInsightSparkStageEvents
HDInsightSparkStageTaskAccumulables
HDInsightSparkTaskEvents
HDInsightStormLogs
HDInsightStormMetrics
HDInsightStormTopologyMetrics
HealthStateChangeEvent
HuntingBookmark
IdentityDirectoryEvents
IdentityInfo
IdentityLogonEvents
IdentityQueryEvents
IlumioInsights
InsightsMetrics	部分支持 - 有些数据是通过不受支持的内部服务引入的。
IntuneAuditLogs
IntuneDevices
IntuneOperationalLogs
KubeEvents
KubeHealth
KubeMonAgentEvents
KubeNodeInventory
KubePodInventory
KubePVInventory
KubeServices
LAJobLogs
LAQueryLogs
LASummaryLogs
LIATrackingEvents
LinuxAuditLog
LogicAppWorkflowRuntime
McasShadowItReporting
MCCEventLogs
MCVPAuditLogs
MCVPOperationLogs
MDCDetectionDNSEvents
MDCDetectionFimEvents
MDCDetectionGatingValidationEvents
MDCDetectionK8SApiEvents
MDCFileIntegrityMonitoringEvents
MDE自定义集合设备文件事件
MDPResourceLog
MicrosoftAzureBastionAuditLogs
MicrosoftDataShareReceivedSnapshotLog
MicrosoftDataShareSentSnapshotLog
MicrosoftGraphActivityLogs
MicrosoftHealthcareApisAuditLogs
MicrosoftPurviewInformationProtection
MNFDeviceUpdates
MNFSystemSessionHistoryUpdates
MNFSystemStateMessageUpdates
MPTOperation
MySqlAuditLogs
MySqlErrorLogs
MySqlSlowLogs
NCBMBreakGlassAuditLogs
NCBMSecurityDefenderLogs
NCBMSecurityLogs
NCBMSystemLogs
NCCKubernetesLogs
NCCPlatformOperationsLogs
NCCVMOrchestrationLogs
NCMClusterOperationsLogs
NCSStorageAlerts
NCSStorageAudits
NCSStorageLogs
NetworkAccessAlerts
网络访问连接事件
NetworkAccessTraffic
NetworkMonitoring
NetworkSessions
NginxUpstreamUpdateLogs
NGXOperationLogs
NGXSecurityLogs
NSPAccessLogs
NTAInsights
NTAIpDetails
NTANetAnalytics
NTATopologyDetails
NWConnectionMonitorPathResult
NWConnectionMonitorTestResult
OEPAirFlowTask
OEPAuditLogs
OEPDataplaneLogs
OEPElasticOperator
OEPElasticsearch
OEWExperimentAssignmentSummary
OEWExperimentScorecardMetricPairs
OEWExperimentScorecards
OfficeActivity
OktaSystemLogs
OLPSupplyChainEntityOperations
OLPSupplyChainEvents
OTelEvents
OTelLogs
OTelResources
OTelSpans
Perf
PFTitleAuditLogs
PGSQLAutovacuumStats
PGSQLDbTransactionsStats
PGSQLPgStatActivitySessions
PGSQLQueryStoreRuntime
PGSQLQueryStoreWaits
PGSQLServerLogs
PipelineTestVehicles
PipelineTestVehiclesInternalUseOnly
PlatformTelemetryMetricsLaTable
PowerAppsActivity
PowerAutomateActivity
PowerBIActivity
PowerBIDatasetsTenant
PowerBIDatasetsWorkspace
PowerPlatformAdminActivity
PowerPlatformConnectorActivity
PowerPlatformDlpActivity
ProcessInvestigator
ProjectActivity
ProtectionStatus
PurviewDataSensitivityLogs
PurviewScanStatusLogs
PurviewSecurityLogs
REDConnectionEvents
RemoteNetworkHealthLogs
ResourceManagementPublicAccessLogs
RetinaNetworkFlowLogs
RomeDetectionEvent
SCCMAssessmentRecommendation
SCGPoolExecutionLog
SCGPoolRequestLog
SCOMAssessmentRecommendation
SecureScoreControls
SecureScores
SecurityAlert
SecurityAttackPathData
SecurityBaseline
SecurityBaselineSummary
SecurityDetection
SecurityEvent	部分支持 - 完全支持来自 Log Analytics 代理 (MMA) 或 Azure Monitor 代理 (AMA) 的数据。通过诊断扩展代理到达的数据是通过存储收集的，但不支持此路径。
SecurityIncident
SecurityIoTRawEvent
SecurityNestedRecommendation
SecurityRecommendation
SecurityRegulatoryCompliance
SentinelAudit
SentinelHealth
ServiceMap
SfBAssessmentRecommendation
SfBOnlineAssessmentRecommendation
SharePointOnlineAssessmentRecommendation
SignalRServiceDiagnosticLogs
SigninLogs
SPAssessmentRecommendation
SQLAssessmentRecommendation
SqlAtpStatus
SQLSecurityAuditEvents
SqlThreatProtectionLoginAudits
SqlVulnerabilityAssessmentResult
SqlVulnerabilityAssessmentScanStatus
StorageBlobLogs
StorageCacheOperationEvents
StorageCacheUpgradeEvents
StorageCacheWarningEvents
StorageFileLogs
StorageInsightsAccountPropertiesDaily
StorageInsightsDailyMetrics
StorageInsightsHourlyMetrics
StorageInsightsMonthlyMetrics
StorageInsightsWeeklyMetrics
存储恶意软件扫描结果
StorageMoverCopyLogsFailed
StorageMoverCopyLogsTransferred
StorageMoverJobRunLogs
StorageQueueLogs
StorageTableLogs
SucceededIngestion
SVMPoolExecutionLog
SVMPoolRequestLog
SynapseBigDataPoolApplicationsEnded
SynapseBuiltinSqlPoolRequestsEnded
SynapseDXFailedIngestion
SynapseDXSucceededIngestion
SynapseGatewayApiRequests
SynapseIntegrationActivityRuns
SynapseIntegrationPipelineRuns
SynapseIntegrationTriggerRuns
SynapseLinkEvent
SynapseRbacOperations
SynapseScopePoolScopeJobsEnded
SynapseScopePoolScopeJobsStateChange
SynapseSqlPoolDmsWorkers
SynapseSqlPoolExecRequests
SynapseSqlPoolRequestSteps
SynapseSqlPoolSqlRequests
SynapseSqlPoolWaits
Syslog	部分支持 - 完全支持来自 Log Analytics 代理 (MMA) 或 Azure Monitor 代理 (AMA) 的数据。通过诊断扩展代理到达的数据是通过存储收集的，但不支持此路径。
ThreatIntelIndicators
ThreatIntelligenceIndicator
ThreatIntelObjects
TOUserAudits
TOUserDiagnostics
TSIIngress
UCClient
UCClientReadinessStatus
UCClientUpdateStatus
UCDeviceAlert
UCDOAggregatedStatus
UCDOStatus
UCServiceUpdateStatus
UCUpdateAlert
Update	部分支持 - 有些数据是通过不受支持的内部服务引入的。
UpdateRunProgress
UpdateSummary
UrlClickEvents
VCoreMongoRequests
VIAudit
VIIndexing
W3CIISLog	部分支持 - 完全支持来自 Log Analytics 代理 (MMA) 或 Azure Monitor 代理 (AMA) 的数据。通过诊断扩展代理到达的数据是通过存储收集的，但不支持此路径。
WaaSDeploymentStatus
WaaSInsiderStatus
WaaSUpdateStatus
Watchlist
WebPubSubConnectivity
WebPubSubHttpRequest
WebPubSubMessaging
Windows365AuditLogs
WindowsClientAssessmentRecommendation
WindowsEvent
WindowsFirewall
WindowsServerAssessmentRecommendation
WireData	部分支持 - 有些数据是通过不受支持的内部服务引入的。
WorkloadDiagnosticLogs
WUDOAggregatedStatus
WUDOStatus
WVDAgentHealthStatus
WVDCheckpoints
WVDConnectionNetworkData
WVDConnections
WVDErrors
WVDFeeds
WVDHostRegistrations
WVDManagement

Last updated on 2025-11-27

通过

Azure Monitor 日志中支持转换的表

其他资源