Azure Activity Logs provide a comprehensive record of operations that affect resources, such as creating, updating, or deleting them. They cover various categories, including administrative actions, service health events, alert triggers, and policy compliance checks.
Integration Method: API
Tables: Detection, Compliance, Entity Management
Events: Administrative, Alerts, Policy changes, Security
Azure Configuration
Step 1. Create an App registration
Step 2. Register the application
Step 3. Add a client secret
Step 4. Locate the Tenant ID - Find the Tenant ID on the application’s Overview page.
Step 5. Configure Permissions - Set up the following permissions:
| Permission Name | Type |
| --- | --- |
| AccessReview.Read.All | Delegated |
| AccessReview.Read.All | Application |
| AuditLog.Read.All | Delegated |
| AuditLog.Read.All | Application |
| User.Read | Delegated |
DataBee Configuration
Log in to the DataBee console and navigate to the Data > Data Sources tab
Click on Add New Source
Search for Azure Activity and select it
Select API Ingest
Enter basic contact information in the dialog box and click Next
In the detailed configuration boxes, ensure the following fields are filled in:
Authorization Method: OAuth2
Client Key: Paste the client key generated in the Microsoft console
Secret Key: Paste the client secret generated in the Microsoft console
API URL: https://management.azure.com/subscriptions/<subscriptionId>/providers/Microsoft.Insights/eventtypes/management/values?&api-version=2015-04-01
Token URL: https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token
Replace the <tenant_id> and <subscriptionId> placeholders with your tenant information
Click Submit
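A pre-submit check for the two URLs above, as an added example that is not DataBee or Microsoft code: it fills in the placeholders, flags values that would send the client secret to the wrong place, and builds (without sending) the token request. It assumes the OAuth2 method is the client-credentials grant with the Azure Resource Manager `.default` scope and that the app registration is allowed to read the subscription's activity log; the function names are hypothetical.

```python
import re
import urllib.parse
import urllib.request

# URL templates exactly as given in the DataBee configuration steps.
API_URL = ("https://management.azure.com/subscriptions/<subscriptionId>/providers/"
           "Microsoft.Insights/eventtypes/management/values?&api-version=2015-04-01")
TOKEN_URL = "https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token"
GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")

def fill_urls(tenant_id, subscription_id):
    """Substitute both placeholders; reject IDs that are not GUIDs."""
    for name, value in (("tenant_id", tenant_id), ("subscriptionId", subscription_id)):
        if not GUID.match(value):
            raise ValueError(f"{name} is not a GUID: {value!r}")
    return (TOKEN_URL.replace("<tenant_id>", tenant_id),
            API_URL.replace("<subscriptionId>", subscription_id))

def check_urls(token_url, api_url):
    """List problems in the URLs about to be pasted into the form."""
    problems = []
    for label, url, host in (("Token URL", token_url, "login.microsoftonline.com"),
                             ("API URL", api_url, "management.azure.com")):
        parts = urllib.parse.urlsplit(url)
        if parts.scheme != "https":
            problems.append(f"{label}: scheme is not https")
        if parts.hostname != host:
            problems.append(f"{label}: unexpected host {parts.hostname!r}")
        if "<" in url or ">" in url:
            problems.append(f"{label}: placeholder not replaced")
    return problems

def token_request(token_url, client_id, client_secret):
    """Build, but do not send, the client-credentials token request (assumed grant)."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": "https://management.azure.com/.default",  # assumed ARM scope
    }).encode()
    return urllib.request.Request(token_url, data=body, method="POST")

if __name__ == "__main__":
    # Constructed sample IDs, not real tenant or subscription values.
    t, a = fill_urls("11111111-2222-3333-4444-555555555555",
                     "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee")
    print(check_urls(t, a) or "URLs look consistent")
    print(check_urls(TOKEN_URL, API_URL))
```

Passing the result of `token_request` to `urllib.request.urlopen` with the real client ID and secret confirms the credentials before they are entered in DataBee.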