有关在 Azure 门户中使用这些查询的信息,请参阅 Log Analytics 教程。 有关 REST API,请参阅 查询。
所有超级计算机审核事件
列出 Discovery 超级计算机的所有审核事件,其中显示了所执行的操作和代理主体。
// All audit events for Discovery supercomputers
// Shows the operation performed and the acting principal
DiscoverySupercomputerAuditLogs
| project TimeGenerated, OperationName, ObjectId, Tenant, _ResourceId
| sort by TimeGenerated desc
超级计算机操作(按用户)
汇总了由代理主体分组的审核操作,以确定谁正在发现超级计算机上执行操作。
// Supercomputer operations grouped by user
// Identifies who is performing actions on Discovery supercomputers
DiscoverySupercomputerAuditLogs
| summarize OperationCount = count() by ObjectId
| sort by OperationCount desc
按类型排序的超级计算机操作
汇总了按操作名称分组的审核事件,以识别发现超级计算机上最常执行的操作。
// Supercomputer operations grouped by operation type
// Identifies the most frequently performed actions on Discovery supercomputers
DiscoverySupercomputerAuditLogs
| summarize OperationCount = count() by OperationName
| sort by OperationCount desc