Monitor Azure Attestation
This article describes the monitoring data generated by Azure Attestation and steps to analyze the same. Azure Attestation uses Azure Monitor. If you are unfamiliar with the features of Azure Monitor common to all Azure services that use it, read Monitoring Azure resources with Azure Monitor.
Monitoring data
Azure Attestation collects the same kind of monitoring data as other Azure resources that are described in Monitoring data from Azure resources.
See Azure Attestation Monitoring data reference for detailed information on the monitoring logs generated by Azure Attestation.
Collection and routing
Activity logs are collected and stored automatically, but can be routed to other locations by using a diagnostic setting. Resource Logs are not collected and stored until you create a diagnostic setting and route them to one or more locations. More details can be found here
To create a diagnostic setting for Azure Attestation, see Azure Attestation logging.
Analyze logs using log analytics
Log Analytics is a tool in the Azure portal that's used to edit and run log queries against data in the Azure Monitor Logs store. To leverage log analytics where you can run complex queries, select log analytics workspace as one of the destinations while creating the diagnostic setting.
Once the diagnostic setting is created, when you select Logs from the Azure Monitor menu, Log Analytics is opened with the query scope set to the current attestation provider. This means that log queries will only include data from that resource. See Log query scope and time range in Azure Monitor Log Analytics for details.
Here are some queries that you can enter into the Log search bar to help you monitor your Key Vault resources. These queries work with the new language.
- Are there any authorization failures?
- Are there any policy configuration failures?
- Are there any slow requests?
- Have there been any changes to attestation policy?
- Who is calling this attestation provider?
- How active has this Attestation provider been?
Next steps
- For information on how to interpret logs, see Azure Attestation logging
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for