HDInsightSecurityLogs

Security related logs including Ambari Audit and Auth Log.

Categories

  • Azure Resources
  • Security

Solutions

  • LogManagement

Resource types

  • HDInsight Clusters

Columns

Column Type Description
ClusterName string Name of cluster.
CorrelationId string The ID for correlated events. Can be used to identify correlated events between multiple tables.
HostName string Name of host where log was emitted.
LogType string The name of the log file that a record came from (e.g. AmbariAuditLog, AuthLog).
Message string message from log file.
OperationName string The operation associated with log record.
_ResourceId string A unique identifier for the resource that the record is associated with
SourceSystem string
_SubscriptionId string A unique identifier for the subscription that the record is associated with
TenantId string
TimeGenerated datetime The timestamp (UTC) of when the log was generated.
Type string The name of the table