Microsoft Azure – Enable Windows Event Logs in Azure for Monitoring
Log Analytics is an Azure service that collects and stores information/data from a set of different sources and we can use Log Analytics queries to retrieve records that match particular criteria, identify trends, analyze patterns, and provide a variety of insights into our data.
Enable Windows Event Logs to collect log data from standard logs, like System and Application, or add custom logs created by applications you need to monitor.
Step 1: Log in to Azure Portal.
Step 2: Access the Log Analytics Workspace >> Select your Log Analytics.
Step 3: After selecting the select Log Analytics Workspace, Navigate to Settings >> Agents Configuration.
Step 4: Select Windows event logs >> Click on + Add Windows Event Logs >> Select the Log name.
For example: Add System, Application Logs and collect Windows event logs only for Error and Warnings
Step 5: After adding the required log names, click on Apply to make the changes.
That’s it. You are done. We have successfully enabled Windows Event Logs in Azure for Monitoring.