为通知中心启用诊断日志Enable diagnostics logs for Notification Hubs

开始使用 Azure 通知中心命名空间时,你可能想要监视命名空间的创建、删除或访问方式和时间。When you start using your Azure Notification Hubs namespace, you might want to monitor how and when your namespace is created, deleted, or accessed. 本文概述所有可用的操作日志和诊断日志。This article provides an overview of all the operational and diagnostics logs that are available.

Azure 通知中心目前支持活动日志和操作日志,这些日志捕获针对 Azure 通知中心命名空间执行的管理操作。Azure Notification Hubs currently supports activity and operational logs, which capture management operations that are performed on the Azure Notification Hubs namespace.

诊断日志架构Diagnostic logs schema

所有日志均以 JavaScript 对象表示法 (JSON) 格式存储在以下两个位置:All logs are stored in JavaScript Object Notation (JSON) format in the following two locations:

  • AzureActivity:显示通过 Azure 门户或 Azure 资源管理器模板部署对命名空间执行操作时生成的日志。AzureActivity: Displays logs from operations and actions that are conducted against your namespace in the Azure portal or through Azure Resource Manager template deployments.
  • AzureDiagnostics:显示使用 API 或通过语言 SDK 中的管理客户端对命名空间执行操作时生成的日志。AzureDiagnostics: Displays logs from operations and actions that are conducted against your namespace by using the API, or through management clients on the language SDK.

诊断日志 JSON 字符串包含下表列出的元素:Diagnostic log JSON strings include the elements listed in the following table:

“属性”Name 说明Description
timetime 日志的 UTC 时间戳UTC timestamp of the log
ResourceIdresourceId Azure 资源的相对路径Relative path to the Azure resource
operationNameoperationName 管理操作的名称Name of the management operation
categorycategory 日志类别。Log category. 有效值:OperationalLogsValid values: OperationalLogs
callerIdentitycallerIdentity 启动管理操作的调用方的标识Identity of the caller who initiated the management operation
resultTyperesultType 管理操作的状态。Status of the management operation. 有效值:SucceededFailedValid values: Succeeded or Failed
resultDescriptionresultDescription 管理操作的描述Description of the management operation
correlationIdcorrelationId 管理操作的相关 ID(如果指定)Correlation ID of the management operation (if specified)
callerIpAddresscallerIpAddress 调用方的 IP 地址。The caller IP address. 对于源自 Azure 门户的调用为空Empty for calls that originated from the Azure portal

下面是运行日志 JSON 字符串的示例:Here's an example of an operational log JSON string:

{
    "operationName": "Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/action",
    "resourceId": "/SUBSCRIPTIONS/2CAC2A14-BA6B-46A6-BCE8-2D9781A41BA2/RESOURCEGROUPS/SAMPLES/PROVIDERS/MICROSOFT.NOTIFICATIONHUBS/NAMESPACES/SAMPLE-NS",
    "time": "1/1/2021 5:16:32 AM +00:00",
    "category": "OperationalLogs",
    "resultType": "Succeeded",
    "resultDescription": "Gets Hub Authorization Rules",
    "correlationId": "00000000-0000-0000-0000-000000000000",
    "callerIdentity": "{ \"identityType\": \"Portal\", \"identity\": \"\" }"
}

callerIdentity 字段可以为空,也可以为是以下格式之一的 JSON 字符串。The callerIdentity field can be empty, or a JSON string with one of the following formats.

对于源自 Azure 门户的调用,identity 字段为空。For calls originating from the Azure portal the identity field is empty. 日志可以与活动日志相关联,用于确定已登录的用户。The log can be correlated to activity logs to determine the logged in user.

{
    "identityType": "Portal",
    "identity": ""
}

对于通过 Azure 资源管理器发起的调用,identity 字段将包含已登录用户的用户名。For calls made through Azure Resource Manager the identity field will contain the username of the logged in user.

{
   "identityType": "Username",
   "identity": "test@foo.com"
}

对于对通知中心 REST API 的调用,identity 字段将包含用于生成 SharedAccessSignature 令牌的访问策略的名称。For calls to the Notification Hubs REST API the identity field will contain the name of the access policy used to generate the SharedAccessSignature token.

{
   "identityType": "KeyName",
   "identity": "SharedAccessRootKey2"
}

在操作日志中捕获的事件和操作Events and operations captured in operational logs

操作日志捕获针对 Azure 通知中心命名空间执行的所有管理操作。Operational logs capture all management operations that are performed on the Azure Notification Hubs namespace. 针对 Azure 通知中心执行的数据操作量很大,因此不会捕获数据操作。Data operations are not captured, because of the high volume of data operations that are conducted on Azure Notification Hubs.

在操作日志中捕获以下管理操作:The following management operations are captured in operational logs:

作用域Scope 操作名称Operation Name 操作说明Operation Description
命名空间Namespace Microsoft.NotificationHubs/Namespaces/authorizationRules/actionMicrosoft.NotificationHubs/Namespaces/authorizationRules/action 列出授权规则List Authorization Rules
命名空间Namespace Microsoft.NotificationHubs/Namespaces/authorizationRules/deleteMicrosoft.NotificationHubs/Namespaces/authorizationRules/delete 删除授权规则Delete Authorization Rule
命名空间Namespace Microsoft.NotificationHubs/Namespaces/authorizationRules/listkeys/actionMicrosoft.NotificationHubs/Namespaces/authorizationRules/listkeys/action 列出密钥List Keys
命名空间Namespace Microsoft.NotificationHubs/Namespaces/authorizationRules/readMicrosoft.NotificationHubs/Namespaces/authorizationRules/read 获取授权规则Get Authorization Rule
命名空间Namespace Microsoft.NotificationHubs/Namespaces/authorizationRules/regenerateKeys/actionMicrosoft.NotificationHubs/Namespaces/authorizationRules/regenerateKeys/action 重新生成密钥Regenerate Keys
命名空间Namespace Microsoft.NotificationHubs/Namespaces/authorizationRules/writeMicrosoft.NotificationHubs/Namespaces/authorizationRules/write 创建或更新授权规则Create or Update Authorization Rule
命名空间Namespace Microsoft.NotificationHubs/Namespaces/deleteMicrosoft.NotificationHubs/Namespaces/delete 删除命名空间Delete Namespace
命名空间Namespace Microsoft.NotificationHubs/Namespaces/readMicrosoft.NotificationHubs/Namespaces/read 获取命名空间Get Namespace
命名空间Namespace Microsoft.NotificationHubs/Namespaces/writeMicrosoft.NotificationHubs/Namespaces/write 创建或更新命名空间Create or Update Namespace
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/actionMicrosoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/action 列出授权规则List Authorization Rules
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/deleteMicrosoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/delete 删除授权规则Delete Authorization Rule
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/listkeys/actionMicrosoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/listkeys/action 列出密钥List Keys
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/readMicrosoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/read 读取授权规则Read Authorization Rule
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/regenerateKeys/actionMicrosoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/regenerateKeys/action 重新生成密钥Regenerate Keys
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/writeMicrosoft.NotificationHubs/Namespaces/NotificationHubs/authorizationRules/write 创建或更新授权规则Create or Update Authorization Rule
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/deleteMicrosoft.NotificationHubs/Namespaces/NotificationHubs/delete 删除通知中心Delete Notification Hub
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/pnsCredentials/actionMicrosoft.NotificationHubs/Namespaces/NotificationHubs/pnsCredentials/action 创建、更新或获取 PNS 凭据Create, Update, or Get PNS Credentials
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/readMicrosoft.NotificationHubs/Namespaces/NotificationHubs/read 获取通知中心Get Notification Hub
通知中心Notification Hub Microsoft.NotificationHubs/Namespaces/NotificationHubs/writeMicrosoft.NotificationHubs/Namespaces/NotificationHubs/write 创建或更新通知中心Create or Update Notification Hub

启用操作日志Enable operational logs

操作日志默认已禁用。Operational logs are disabled by default. 若要启用日志,请执行以下操作:To enable logs, do the following:

  1. Azure 门户中,转到你的 Azure 通知中心命名空间,然后在“监视”下选择“诊断设置”。 In the Azure portal, go to your Azure Notification Hubs namespace and then, under Monitoring, select Diagnostic settings.

    “诊断设置”链接

  2. 在“诊断设置”窗格中,选择“添加诊断设置”。In the Diagnostics settings pane, select Add diagnostic setting.

    “添加诊断设置”链接

  3. 执行以下操作来配置诊断设置:Configure the diagnostics settings by doing the following:

    a.a. 在“名称”框中,输入诊断设置的名称。In the Name box, enter a name for the diagnostics settings.

    b.b. 为诊断日志选择以下三个目标之一:Select one of the following three destinations for your diagnostics logs:

    • 如果选择“发送到 Log Analytics 工作区”,则需要指定要将诊断发送到的 Log Analytics 实例。If you select Send to Log Analytics workspace, you need to specify which instance of Log Analytics the diagnostics will be sent to.
    • 如果选择“存档到存储帐户”,则需要配置用于存储诊断日志的存储帐户。If you select Archive to a storage account, you need to configure the storage account where the diagnostics logs will be stored.
    • 如果选择“流式传输到事件中心”,则需要配置要将诊断日志流式传输到的事件中心。If you select Stream to an event hub, you need to configure the event hub that you want to stream the diagnostics logs to.

    c.c. 选中“OperationalLogs”复选框。Select the OperationalLogs check box.

    “诊断设置”窗格

  4. 选择“保存” 。Select Save.

新设置将在大约 10 分钟后生效。The new settings take effect in about 10 minutes. 日志将显示在“诊断日志”窗格中配置的存档目标中。The logs are displayed in the configured archival target, in the Diagnostics logs pane.

后续步骤Next steps

若要详细了解如何配置诊断设置,请参阅:To learn more about configuring diagnostics settings, see:

若要详细了解 Azure 通知中心,请参阅:To learn more about Azure Notification Hubs, see: