Microsoft.Insights diagnosticSettings
Remarks
For guidance on deploying monitoring solutions, see Create monitoring resources by using Bicep.
Bicep resource definition
The diagnosticSettings resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Insights/diagnosticSettings resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
scope: resourceSymbolicName or scope
name: 'string'
properties: {
eventHubAuthorizationRuleId: 'string'
eventHubName: 'string'
logAnalyticsDestinationType: 'string'
logs: [
{
category: 'string'
categoryGroup: 'string'
enabled: bool
retentionPolicy: {
days: int
enabled: bool
}
}
]
marketplacePartnerId: 'string'
metrics: [
{
category: 'string'
enabled: bool
retentionPolicy: {
days: int
enabled: bool
}
timeGrain: 'string'
}
]
serviceBusRuleId: 'string'
storageAccountId: 'string'
workspaceId: 'string'
}
}
Property values
DiagnosticSettings
| Name | Description | Value |
|---|---|---|
| eventHubAuthorizationRuleId | The resource Id for the event hub authorization rule. | string |
| eventHubName | The name of the event hub. If none is specified, the default event hub will be selected. | string |
| logAnalyticsDestinationType | A string indicating whether the export to Log Analytics should use the default destination type, i.e. AzureDiagnostics, or use a destination type constructed as follows: <normalized service identity>_<normalized category name>. Possible values are: Dedicated and null (null is default.) | string |
| logs | The list of logs settings. | LogSettings[] |
| marketplacePartnerId | The full ARM resource ID of the Marketplace resource to which you would like to send Diagnostic Logs. | string |
| metrics | The list of metric settings. | MetricSettings[] |
| serviceBusRuleId | The service bus rule Id of the diagnostic setting. This is here to maintain backwards compatibility. | string |
| storageAccountId | The resource ID of the storage account to which you would like to send Diagnostic Logs. | string |
| workspaceId | The full ARM resource ID of the Log Analytics workspace to which you would like to send Diagnostic Logs. Example: /subscriptions/4b9e8510-67ab-4e9a-95a9-e2f1e570ea9c/resourceGroups/insights-integration/providers/Microsoft.OperationalInsights/workspaces/viruela2 | string |
LogSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Log category for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| categoryGroup | Name of a Diagnostic Log category group for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this log is enabled. | bool (required) |
| retentionPolicy | the retention policy for this log. | RetentionPolicy |
MetricSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Metric category for a resource type this setting is applied to. To obtain the list of Diagnostic metric categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this category is enabled. | bool (required) |
| retentionPolicy | the retention policy for this category. | RetentionPolicy |
| timeGrain | the timegrain of the metric in ISO8601 format. | string |
Microsoft.Insights/diagnosticSettings
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| properties | Properties of a Diagnostic Settings Resource. | DiagnosticSettings |
| scope | Use when creating a resource at a scope that is different than the deployment scope. | Set this property to the symbolic name of a resource to apply the extension resource. |
RetentionPolicy
| Name | Description | Value |
|---|---|---|
| days | the number of days for the retention in days. A value of 0 will retain the events indefinitely. | int Constraints: Min value = 0 (required) |
| enabled | a value indicating whether the retention policy is enabled. | bool (required) |
Quickstart samples
The following quickstart samples deploy this resource type.
| Bicep File | Description |
|---|---|
| AKS Cluster with a NAT Gateway and an Application Gateway | This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| AKS cluster with the Application Gateway Ingress Controller | This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| Application Gateway with internal API Management and Web App | Application Gateway routing Internet traffic to a virtual network (internal mode) API Management instance which services a web API hosted in an Azure Web App. |
| Application Gateway with WAF and firewall policy | This template creates an Application Gateway with WAF configured along with a firewall policy |
| Azure Container Registry with Policies and Diagnostics | Azure Container Registry with Policies and Diagnostics (bicep) |
| Azure Data Factory with Git and managed vnet configuration | This template creates Azure Data Factory with Git configuration and managed virtual network. |
| Azure Game Developer Virtual Machine | Azure Game Developer Virtual Machine includes Licencsed Engines like Unreal. |
| Azure SQL Server with Auditing written to Log Analytics | This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Log Analytics (OMS workspace) |
| Create a Premium Redis Cache with clustering | This template shows how to configure clustering in a premium Azure Redis Cache instance. |
| Create a Redis Cache using a template | This template creates an Azure Redis Cache with diagnostics data kept in a storage account. |
| Create API Management in Internal VNet with App Gateway | This template demonstrates how to Create a instance of Azure API Management on a private network protected by Azure Application Gateway. |
| Create Key Vault with logging enabled | This template creates an Azure Key Vault and an Azure Storage account that is used for logging. It optionally creates resource locks to protect your Key Vault and storage resources. |
| Create Premium Redis Cache with data persistence | This template shows how to configure persistence in a premium Azure Redis Cache instance. |
| Create Recovery Services Vault and Enable Diagnostics | This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
| Create Recovery Services Vault with backup policies | This template creates a Recovery Services Vault with backup policies and configure optional features such system identity, backup storage type, cross region restore and diagnostics logs and a delete lock. |
| Deploy a simple Azure Spring Apps microservice application | This template deploys a simple Azure Spring Apps microservice application to run on Azure. |
| Deploy Secure Azure AI Studio with a managed virtual network | This template creates a secure Azure AI Studio environment with robust network and identity security restrictions. |
| Front Door Premium with WAF and Microsoft-managed rule sets | This template creates a Front Door Premium including a web application firewall with the Microsoft-managed default and bot protection rule sets. |
| Front Door Standard/Premium with WAF and custom rule | This template creates a Front Door Standard/Premium including a web application firewall with a custom rule. |
| FrontDoor CDN with WAF, Domains and Logs to EventHub | This template creates a new Azure FrontDoor cdn profile. Create WAF with custom and managed rules, cdn routes, origin and groups with their association with WAF and routes, configures custom domains, create event hub and diagnostic settings for sending CDN access logs using event hub. |
| Log Analytics workspace with solutions and data sources | Deploys a Log Analytics workspace with specified solutions and data sources |
| Log Analytics workspace with VM Insights, Container Insights | Deploys a Log Analytics workspace with VM Insights, Container Insights solutions and diagnostics. |
| Network Security Group with diagnostic logs | This template creates a Network Security Group with diagnostic logs and a resource lock |
| Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology | This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. |
| Virtual Network with diagnostic logs | This template creates a Virtual Network with diagnostic logs and allows optional features to be added to each subnet |
ARM template resource definition
The diagnosticSettings resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Insights/diagnosticSettings resource, add the following JSON to your template.
{
"type": "Microsoft.Insights/diagnosticSettings",
"apiVersion": "2021-05-01-preview",
"name": "string",
"properties": {
"eventHubAuthorizationRuleId": "string",
"eventHubName": "string",
"logAnalyticsDestinationType": "string",
"logs": [
{
"category": "string",
"categoryGroup": "string",
"enabled": "bool",
"retentionPolicy": {
"days": "int",
"enabled": "bool"
}
}
],
"marketplacePartnerId": "string",
"metrics": [
{
"category": "string",
"enabled": "bool",
"retentionPolicy": {
"days": "int",
"enabled": "bool"
},
"timeGrain": "string"
}
],
"serviceBusRuleId": "string",
"storageAccountId": "string",
"workspaceId": "string"
}
}
Property values
DiagnosticSettings
| Name | Description | Value |
|---|---|---|
| eventHubAuthorizationRuleId | The resource Id for the event hub authorization rule. | string |
| eventHubName | The name of the event hub. If none is specified, the default event hub will be selected. | string |
| logAnalyticsDestinationType | A string indicating whether the export to Log Analytics should use the default destination type, i.e. AzureDiagnostics, or use a destination type constructed as follows: <normalized service identity>_<normalized category name>. Possible values are: Dedicated and null (null is default.) | string |
| logs | The list of logs settings. | LogSettings[] |
| marketplacePartnerId | The full ARM resource ID of the Marketplace resource to which you would like to send Diagnostic Logs. | string |
| metrics | The list of metric settings. | MetricSettings[] |
| serviceBusRuleId | The service bus rule Id of the diagnostic setting. This is here to maintain backwards compatibility. | string |
| storageAccountId | The resource ID of the storage account to which you would like to send Diagnostic Logs. | string |
| workspaceId | The full ARM resource ID of the Log Analytics workspace to which you would like to send Diagnostic Logs. Example: /subscriptions/4b9e8510-67ab-4e9a-95a9-e2f1e570ea9c/resourceGroups/insights-integration/providers/Microsoft.OperationalInsights/workspaces/viruela2 | string |
LogSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Log category for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| categoryGroup | Name of a Diagnostic Log category group for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this log is enabled. | bool (required) |
| retentionPolicy | the retention policy for this log. | RetentionPolicy |
MetricSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Metric category for a resource type this setting is applied to. To obtain the list of Diagnostic metric categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this category is enabled. | bool (required) |
| retentionPolicy | the retention policy for this category. | RetentionPolicy |
| timeGrain | the timegrain of the metric in ISO8601 format. | string |
Microsoft.Insights/diagnosticSettings
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2021-05-01-preview' |
| name | The resource name | string (required) |
| properties | Properties of a Diagnostic Settings Resource. | DiagnosticSettings |
| type | The resource type | 'Microsoft.Insights/diagnosticSettings' |
RetentionPolicy
| Name | Description | Value |
|---|---|---|
| days | the number of days for the retention in days. A value of 0 will retain the events indefinitely. | int Constraints: Min value = 0 (required) |
| enabled | a value indicating whether the retention policy is enabled. | bool (required) |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
AKS Cluster with a NAT Gateway and an Application Gateway |
This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| AKS cluster with the Application Gateway Ingress Controller |
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| Application Gateway with internal API Management and Web App |
Application Gateway routing Internet traffic to a virtual network (internal mode) API Management instance which services a web API hosted in an Azure Web App. |
| Application Gateway with WAF and firewall policy |
This template creates an Application Gateway with WAF configured along with a firewall policy |
| Azure Container Registry with Policies and Diagnostics |
Azure Container Registry with Policies and Diagnostics (bicep) |
| Azure Data Factory with Git and managed vnet configuration |
This template creates Azure Data Factory with Git configuration and managed virtual network. |
| Azure Game Developer Virtual Machine |
Azure Game Developer Virtual Machine includes Licencsed Engines like Unreal. |
| Azure SQL Server with Auditing written to Log Analytics |
This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Log Analytics (OMS workspace) |
| Create a Premium Redis Cache with clustering |
This template shows how to configure clustering in a premium Azure Redis Cache instance. |
| Create a Redis Cache using a template |
This template creates an Azure Redis Cache with diagnostics data kept in a storage account. |
| Create API Management in Internal VNet with App Gateway |
This template demonstrates how to Create a instance of Azure API Management on a private network protected by Azure Application Gateway. |
| Create Key Vault with logging enabled |
This template creates an Azure Key Vault and an Azure Storage account that is used for logging. It optionally creates resource locks to protect your Key Vault and storage resources. |
| Create Premium Redis Cache with data persistence |
This template shows how to configure persistence in a premium Azure Redis Cache instance. |
| Create Recovery Services Vault and Enable Diagnostics |
This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
| Create Recovery Services Vault with backup policies |
This template creates a Recovery Services Vault with backup policies and configure optional features such system identity, backup storage type, cross region restore and diagnostics logs and a delete lock. |
| Create SQL MI with configured sending of logs and metrics |
This template allows you to deploy SQL MI and additional resources used for storing logs and metrics (diagnostic workspace, storage account, event hub). |
| Deploy a simple Azure Spring Apps microservice application |
This template deploys a simple Azure Spring Apps microservice application to run on Azure. |
| Deploy Secure Azure AI Studio with a managed virtual network |
This template creates a secure Azure AI Studio environment with robust network and identity security restrictions. |
| Front Door Premium with WAF and Microsoft-managed rule sets |
This template creates a Front Door Premium including a web application firewall with the Microsoft-managed default and bot protection rule sets. |
| Front Door Standard/Premium with WAF and custom rule |
This template creates a Front Door Standard/Premium including a web application firewall with a custom rule. |
| FrontDoor CDN with WAF, Domains and Logs to EventHub |
This template creates a new Azure FrontDoor cdn profile. Create WAF with custom and managed rules, cdn routes, origin and groups with their association with WAF and routes, configures custom domains, create event hub and diagnostic settings for sending CDN access logs using event hub. |
| Log Analytics workspace with solutions and data sources |
Deploys a Log Analytics workspace with specified solutions and data sources |
| Log Analytics workspace with VM Insights, Container Insights |
Deploys a Log Analytics workspace with VM Insights, Container Insights solutions and diagnostics. |
| Network Security Group with diagnostic logs |
This template creates a Network Security Group with diagnostic logs and a resource lock |
| Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology |
This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. |
| Virtual Network with diagnostic logs |
This template creates a Virtual Network with diagnostic logs and allows optional features to be added to each subnet |
Terraform (AzAPI provider) resource definition
The diagnosticSettings resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Insights/diagnosticSettings resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Insights/diagnosticSettings@2021-05-01-preview"
name = "string"
parent_id = "string"
body = jsonencode({
properties = {
eventHubAuthorizationRuleId = "string"
eventHubName = "string"
logAnalyticsDestinationType = "string"
logs = [
{
category = "string"
categoryGroup = "string"
enabled = bool
retentionPolicy = {
days = int
enabled = bool
}
}
]
marketplacePartnerId = "string"
metrics = [
{
category = "string"
enabled = bool
retentionPolicy = {
days = int
enabled = bool
}
timeGrain = "string"
}
]
serviceBusRuleId = "string"
storageAccountId = "string"
workspaceId = "string"
}
})
}
Property values
DiagnosticSettings
| Name | Description | Value |
|---|---|---|
| eventHubAuthorizationRuleId | The resource Id for the event hub authorization rule. | string |
| eventHubName | The name of the event hub. If none is specified, the default event hub will be selected. | string |
| logAnalyticsDestinationType | A string indicating whether the export to Log Analytics should use the default destination type, i.e. AzureDiagnostics, or use a destination type constructed as follows: <normalized service identity>_<normalized category name>. Possible values are: Dedicated and null (null is default.) | string |
| logs | The list of logs settings. | LogSettings[] |
| marketplacePartnerId | The full ARM resource ID of the Marketplace resource to which you would like to send Diagnostic Logs. | string |
| metrics | The list of metric settings. | MetricSettings[] |
| serviceBusRuleId | The service bus rule Id of the diagnostic setting. This is here to maintain backwards compatibility. | string |
| storageAccountId | The resource ID of the storage account to which you would like to send Diagnostic Logs. | string |
| workspaceId | The full ARM resource ID of the Log Analytics workspace to which you would like to send Diagnostic Logs. Example: /subscriptions/4b9e8510-67ab-4e9a-95a9-e2f1e570ea9c/resourceGroups/insights-integration/providers/Microsoft.OperationalInsights/workspaces/viruela2 | string |
LogSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Log category for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| categoryGroup | Name of a Diagnostic Log category group for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this log is enabled. | bool (required) |
| retentionPolicy | the retention policy for this log. | RetentionPolicy |
MetricSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Metric category for a resource type this setting is applied to. To obtain the list of Diagnostic metric categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this category is enabled. | bool (required) |
| retentionPolicy | the retention policy for this category. | RetentionPolicy |
| timeGrain | the timegrain of the metric in ISO8601 format. | string |
Microsoft.Insights/diagnosticSettings
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| parent_id | The ID of the resource to apply this extension resource to. | string (required) |
| properties | Properties of a Diagnostic Settings Resource. | DiagnosticSettings |
| type | The resource type | "Microsoft.Insights/diagnosticSettings@2021-05-01-preview" |
RetentionPolicy
| Name | Description | Value |
|---|---|---|
| days | the number of days for the retention in days. A value of 0 will retain the events indefinitely. | int Constraints: Min value = 0 (required) |
| enabled | a value indicating whether the retention policy is enabled. | bool (required) |