Open In App

We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy

Microsoft Azure – Enabled the Azure Activity Data Connector

Azure Activity Data Connector is a service that collects and analyzes audit logs from Azure resources. This helps in monitoring and investigating security threats, troubleshooting problems, and complying with regulatory requirements. By enabling the Azure Activity Data Connector with Microsoft Sentinel you can collect data from Azure Resource Manager, Azure Resource Provider Logs, and Azure Operational Insights from multiple Azure subscriptions. You can also collect data in real-time and can create analytics rules, and Azure workbooks in Microsoft Sentinel.

Steps To Enable Azure Activity Data Connector

Step 1: Login to your Azure portal



Step 2: Search and select the Microsoft Sentinel from Azure Global Search and select your sentinel resource



Step 3: Now from the left-hand side menu scroll down to configurations >> select Data connectors.

Step 4: From the data connectors gallery, select Azure Activity >> click on Open connector page.

Step 5: In Configuration area, scroll down to Connect your subscription >> click on Launch Azure Policy Assignment Wizard.

Step 6: Now in Basics tab, select the ellipsis button (…) under Scope and select the target azure subscriptions or management group you want to connect to the Azure Activity Data Connector.

Step 7: Select the Parameters tab, select your primary Log Analytics workspace from the drop-down list >> select the log analytics workspace which you want to collet the logs and click on select.

Step 8: In Remediation tab, check the box “Create managed identity” >> select System managed identity and select the location of your choice.

Step 9 : Select Review + assign to review the assignment details and click on create.

Azure Activity Data Connector will now start collecting data from your selected Azure subscriptions. This will take 15-30 minutes to start collecting the data from data connector. To verify that the Azure Activity Data Connector is enabled or not? You can navigate to Data connectors in Microsoft Sentinel and select Azure Activity. The status of the connector should be Enabled.

FAQs On Azure Activity Data Connector

1. What are the Benefits Of using the Azure Activity Data Connector?

Log Monitoring, Improved security, Reducing risk with alerts and insights and Compliance with security regulations.

2. Which Resources Are Required To Enable Azure Activity Data Connector?

Log Analytics Workspace and Azure subscription are the two services required to enable the connector and stream Azure Activity Log data.

3. Azure Activity Data Connector provides Insights about?

Azure Activity Log data provides insights about subscription-level service health events, write operations and the status of activities performed at resource level within a subscription.

Article Tags :
Geeks Premier League
Microsoft Azure
Recommended Articles
1. Microsoft Azure - Check Enabled and Disabled Diagnostics for Azure Resources
2. Microsoft Azure - TDE is Enabled in Azure SQL Database
3. Microsoft Azure - Using the Azure Activity Log
4. Microsoft Azure Arc Enabled Kubernetes
5. Microsoft Azure - Get CPU Utilization Data of a Azure VM in Azure Portal
6. How to Configure Azure Activity "Administrative" Logs on Azure Subscription using PowerShell?
7. Microsoft Azure - Get Azure VM Properties using Azure PowerShell
8. Microsoft Azure - RDP to Azure Virtual Machines using Azure Bastion
9. Microsoft Azure - Configure Azure SQL with Azure CLI
10. Microsoft Azure - Archive Azure VM to Azure Storage Account
11. Microsoft Azure - Check Status of Azure VM using Azure PowerShell
12. Microsoft Azure - Azure VM Disk Space in Percentage using Azure KQL
13. Microsoft Azure - Enable Azure Monitor VM Insights Agent For Azure VM
14. Microsoft Azure - Azure CLI Commands to Manage Azure VMs
15. Microsoft Azure - Manage Azure VMs using Azure PowerShell Commands
16. Microsoft Azure - Query Azure Storage Logs in Azure Monitor Log Analytics
17. Microsoft Azure - Install Azure Command Line Interface (Azure CLI)
18. Create a Key Vault with Purge Protection Enabled in Azure
19. Microsoft Azure- Disk Storage in Microsoft Azure
20. Microsoft Azure- Backing Up, Restoring, and Cloning Microsoft Azure App Services
21. Microsoft Azure -Create a User in Microsoft Entra ID from Azure Portal
22. Microsoft Azure - Query System Event Log Data Using Azure KQL
23. Microsoft Azure - Query Application Event Log Data using Azure KQL
24. Microsoft Azure - Copy an Azure Managed Data Disk
25. Microsoft Azure - Data Protection in Azure SQL