将诊断日志从任何 Azure 对象路由到事件中心
Route Diagnostic Logs from any Azure Object to an Event Hub
我正在尝试使用 "Set-AzDiagnosticSetting" 来定义一个 PublicIP,我也想对其他对象做同样的事情,但目前我正在对此进行测试。
如果您进入 GUI:
PublicIP -> 诊断设置 -> 添加诊断设置 -> 名称 -> 流式传输到事件中心 -> 选择事件中心名称空间 -> 事件中心名称 -> 事件中心策略 -> 单击确定
Select 来自日志 -> DDoSProtectionNotifications、DDoSMitigationFlowLogs、DDoSMitigationReports 来自指标 -> 所有指标 -> 单击确定 -> 单击保存,瞧,诊断设置名称已创建。
我如何在 Azure CLI 中编写它以使其在代码中工作,因为我无法确定它:
Set-AzDiagnosticSetting -ResourceId $resID -Enabled $True -Name "IPDiagnostic" -EventHubName $eveH -Category "DDoSProtectionNotifications","DDoSMitigationFlowLogs", "DDoSMitigationReports" -EventHubAuthorizationRuleId "RootManageSharedAccessKey"
我不知道我必须填写哪些选项才能使其工作:https://docs.microsoft.com/en-us/powershell/module/az.monitor/set-azdiagnosticsetting?view=azps-3.0.0
谢谢!
az monitor diagnostic-settings create --resource "/subscriptions/…/ResourceGroup/providers/Microsoft.Network/publicIPAddresses/NameOfTheResource" \
-n "IpDiagnostic" \
--event-hub-rule "/subscriptions/.../LogPipeline/providers/Microsoft.EventHub/namespaces/LogsSentToHub/eventhubs/IpDiagnosticlog/authorizationrules/RootManageSharedAccessKey" \
--event-hub /subscriptions/…/LogPipeline/providers/Microsoft.EventHub/namespaces/LogsSentToHub/eventhubs/IpDiagnosticlog " \
--日志'[
{
"category": "DDoSProtectionNotifications",
"enabled":是的,
"retentionPolicy":{
"days": 0,
"enabled": 错误
}
},
{
"category": "DDoSMitigationFlowLogs",
"enabled":是的,
"retentionPolicy":{
"days": 0,
"enabled": 错误
}
},
{
"category": "DDoSMitigationReports",
"enabled":是的,
"retentionPolicy":{
"days": 0,
"enabled": 错误
}
}
]'
--指标'[
{
"category": "AllMetrics",
"enabled":错误,
"retentionPolicy":{
"days": 0,
"enabled": 错误
},
"timeGrain": 空
}
]'
您好,欢迎来到 Stack Overflow!
您可以通过 Azure CLI 发出此命令有两种变体,即使用存储帐户作为接收器,或使用事件中心(带有事件中心规则):
使用存储帐户:
az monitor diagnostic-settings create --resource /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Automation/automationAccounts/xxxxx -n testehcli --storage-account /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Storage/storageAccounts/xxxxx
--logs '[
{
"category": "JobStreams",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
--metrics '[
{
"category": "AllMetrics",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
使用事件中心:
az monitor diagnostic-settings create --resource /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Automation/automationAccounts/xxxxx -n testehcli --event-hub /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.EventHub/namespaces/xxxxx --event-hub-rule /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.EventHub/namespaces/xxxxx/AuthorizationRules/xxxxx
--logs '[
{
"category": "JobStreams",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
--metrics '[
{
"category": "AllMetrics",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
要了解每个选项的含义,请查看命令参考 here。如果您仍然 运行 遇到问题,请随时 post 错误详细信息,可能还包括屏幕截图,我们可以进一步解决问题。希望这对您有所帮助!
我正在尝试使用 "Set-AzDiagnosticSetting" 来定义一个 PublicIP,我也想对其他对象做同样的事情,但目前我正在对此进行测试。
如果您进入 GUI: PublicIP -> 诊断设置 -> 添加诊断设置 -> 名称 -> 流式传输到事件中心 -> 选择事件中心名称空间 -> 事件中心名称 -> 事件中心策略 -> 单击确定 Select 来自日志 -> DDoSProtectionNotifications、DDoSMitigationFlowLogs、DDoSMitigationReports 来自指标 -> 所有指标 -> 单击确定 -> 单击保存,瞧,诊断设置名称已创建。
我如何在 Azure CLI 中编写它以使其在代码中工作,因为我无法确定它:
Set-AzDiagnosticSetting -ResourceId $resID -Enabled $True -Name "IPDiagnostic" -EventHubName $eveH -Category "DDoSProtectionNotifications","DDoSMitigationFlowLogs", "DDoSMitigationReports" -EventHubAuthorizationRuleId "RootManageSharedAccessKey"
我不知道我必须填写哪些选项才能使其工作:https://docs.microsoft.com/en-us/powershell/module/az.monitor/set-azdiagnosticsetting?view=azps-3.0.0
谢谢!
az monitor diagnostic-settings create --resource "/subscriptions/…/ResourceGroup/providers/Microsoft.Network/publicIPAddresses/NameOfTheResource" \ -n "IpDiagnostic" \ --event-hub-rule "/subscriptions/.../LogPipeline/providers/Microsoft.EventHub/namespaces/LogsSentToHub/eventhubs/IpDiagnosticlog/authorizationrules/RootManageSharedAccessKey" \ --event-hub /subscriptions/…/LogPipeline/providers/Microsoft.EventHub/namespaces/LogsSentToHub/eventhubs/IpDiagnosticlog " \ --日志'[ { "category": "DDoSProtectionNotifications", "enabled":是的, "retentionPolicy":{ "days": 0, "enabled": 错误 } }, { "category": "DDoSMitigationFlowLogs", "enabled":是的, "retentionPolicy":{ "days": 0, "enabled": 错误 } }, { "category": "DDoSMitigationReports", "enabled":是的, "retentionPolicy":{ "days": 0, "enabled": 错误 } } ]' --指标'[ { "category": "AllMetrics", "enabled":错误, "retentionPolicy":{ "days": 0, "enabled": 错误 }, "timeGrain": 空 } ]'
您好,欢迎来到 Stack Overflow!
您可以通过 Azure CLI 发出此命令有两种变体,即使用存储帐户作为接收器,或使用事件中心(带有事件中心规则):
使用存储帐户:
az monitor diagnostic-settings create --resource /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Automation/automationAccounts/xxxxx -n testehcli --storage-account /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Storage/storageAccounts/xxxxx
--logs '[
{
"category": "JobStreams",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
--metrics '[
{
"category": "AllMetrics",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
使用事件中心:
az monitor diagnostic-settings create --resource /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Automation/automationAccounts/xxxxx -n testehcli --event-hub /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.EventHub/namespaces/xxxxx --event-hub-rule /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.EventHub/namespaces/xxxxx/AuthorizationRules/xxxxx
--logs '[
{
"category": "JobStreams",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
--metrics '[
{
"category": "AllMetrics",
"enabled": true,
"retentionPolicy": {
"enabled": false,
"days": 0
}
}
]'
要了解每个选项的含义,请查看命令参考 here。如果您仍然 运行 遇到问题,请随时 post 错误详细信息,可能还包括屏幕截图,我们可以进一步解决问题。希望这对您有所帮助!