Microsoft.Insights diagnosticSettings
Bicep resource definition
The diagnosticSettings resource type is an extension resource, which means you can apply it to another resource.
Use the scope property on this resource to set the scope for this resource. See Set scope on extension resources in Bicep.
The diagnosticSettings resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Remarks
For guidance on deploying monitoring solutions, see Create monitoring resources by using Bicep.
Resource format
To create a Microsoft.Insights/diagnosticSettings resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Insights/diagnosticSettings@2021-05-01-preview' = {
name: 'string'
scope: resourceSymbolicName
properties: {
eventHubAuthorizationRuleId: 'string'
eventHubName: 'string'
logAnalyticsDestinationType: 'string'
logs: [
{
category: 'string'
categoryGroup: 'string'
enabled: bool
retentionPolicy: {
days: int
enabled: bool
}
}
]
marketplacePartnerId: 'string'
metrics: [
{
category: 'string'
enabled: bool
retentionPolicy: {
days: int
enabled: bool
}
timeGrain: 'string'
}
]
serviceBusRuleId: 'string'
storageAccountId: 'string'
workspaceId: 'string'
}
}
Property values
diagnosticSettings
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| scope | Use when creating an extension resource at a scope that is different than the deployment scope. | Target resource For Bicep, set this property to the symbolic name of the resource to apply the extension resource. |
| properties | Properties of a Diagnostic Settings Resource. | DiagnosticSettings |
DiagnosticSettings
| Name | Description | Value |
|---|---|---|
| eventHubAuthorizationRuleId | The resource Id for the event hub authorization rule. | string |
| eventHubName | The name of the event hub. If none is specified, the default event hub will be selected. | string |
| logAnalyticsDestinationType | A string indicating whether the export to Log Analytics should use the default destination type, i.e. AzureDiagnostics, or use a destination type constructed as follows: {normalized service identity}_{normalized category name}. Possible values are: Dedicated and null (null is default.) | string |
| logs | The list of logs settings. | LogSettings[] |
| marketplacePartnerId | The full ARM resource ID of the Marketplace resource to which you would like to send Diagnostic Logs. | string |
| metrics | The list of metric settings. | MetricSettings[] |
| serviceBusRuleId | The service bus rule Id of the diagnostic setting. This is here to maintain backwards compatibility. | string |
| storageAccountId | The resource ID of the storage account to which you would like to send Diagnostic Logs. | string |
| workspaceId | The full ARM resource ID of the Log Analytics workspace to which you would like to send Diagnostic Logs. Example: /subscriptions/4b9e8510-67ab-4e9a-95a9-e2f1e570ea9c/resourceGroups/insights-integration/providers/Microsoft.OperationalInsights/workspaces/viruela2 | string |
LogSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Log category for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| categoryGroup | Name of a Diagnostic Log category group for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this log is enabled. | bool (required) |
| retentionPolicy | the retention policy for this log. | RetentionPolicy |
RetentionPolicy
| Name | Description | Value |
|---|---|---|
| days | the number of days for the retention in days. A value of 0 will retain the events indefinitely. | int (required) Constraints: Min value = 0 |
| enabled | a value indicating whether the retention policy is enabled. | bool (required) |
MetricSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Metric category for a resource type this setting is applied to. To obtain the list of Diagnostic metric categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this category is enabled. | bool (required) |
| retentionPolicy | the retention policy for this category. | RetentionPolicy |
| timeGrain | the timegrain of the metric in ISO8601 format. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
AKS Cluster with a NAT Gateway and an Application Gateway |
This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| Create a Private AKS Cluster with a Public DNS Zone |
This sample shows how to a deploy a private AKS cluster with a Public DNS Zone. |
| Create API Management in Internal VNet with App Gateway |
This template demonstrates how to Create a instance of Azure API Management on a private network protected by Azure Application Gateway. |
| Create and monitor API Management instance |
This template creates an instance of Azure API Management service and Log Analytics workspace and sets up monitoring for your API Management service with Log Analytics |
| Deploy a simple Azure Spring Apps microservice application |
This template deploys a simple Azure Spring Apps microservice application to run on Azure. |
| creates an Azure Stack HCI 23H2 cluster |
This template creates an Azure Stack HCI 23H2 cluster using an ARM template. |
| creates an Azure Stack HCI 23H2 cluster |
This template creates an Azure Stack HCI 23H2 cluster using an ARM template, using custom storage IP |
| creates an Azure Stack HCI 23H2 cluster in Switchless-Dual-link Networking mode |
This template creates an Azure Stack HCI 23H2 cluster using an ARM template. |
| creates an Azure Stack HCI 23H2 cluster in Switchless-SingleLink networking mode |
This template creates an Azure Stack HCI 23H2 cluster using an ARM template. |
| Create a Redis Cache using a template |
This template creates an Azure Redis Cache with diagnostics data kept in a storage account. |
| Create a Premium Redis Cache with clustering |
This template shows how to configure clustering in a premium Azure Redis Cache instance. |
| Create Premium Redis Cache with data persistence |
This template shows how to configure persistence in a premium Azure Redis Cache instance. |
| Front Door Premium with WAF and Microsoft-managed rule sets |
This template creates a Front Door Premium including a web application firewall with the Microsoft-managed default and bot protection rule sets. |
| Front Door Standard/Premium with WAF and custom rule |
This template creates a Front Door Standard/Premium including a web application firewall with a custom rule. |
| Azure Container Registry with Policies and Diagnostics |
Azure Container Registry with Policies and Diagnostics (bicep) |
| Azure Data Factory with Git and managed vnet configuration |
This template creates Azure Data Factory with Git configuration and managed virtual network. |
| Log Analytics workspace with solutions and data sources |
Deploys a Log Analytics workspace with specified solutions and data sources |
| Log Analytics workspace with VM Insights, Container Insights |
Deploys a Log Analytics workspace with VM Insights, Container Insights solutions and diagnostics. |
| Create Key Vault with logging enabled |
This template creates an Azure Key Vault and an Azure Storage account that is used for logging. It optionally creates resource locks to protect your Key Vault and storage resources. |
| AKS cluster with the Application Gateway Ingress Controller |
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| Application Gateway with WAF and firewall policy |
This template creates an Application Gateway with WAF configured along with a firewall policy |
| Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology |
This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. |
| Create Azure Front Door in front of Azure API Management |
This sample demonstrates how to use Azure Front Door as a global load balancer in front of Azure API Management. |
| Network Security Group with diagnostic logs |
This template creates a Network Security Group with diagnostic logs and a resource lock |
| Virtual Network with diagnostic logs |
This template creates a Virtual Network with diagnostic logs and allows optional features to be added to each subnet |
| Create Recovery Services Vault and Enable Diagnostics |
This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
| Create Recovery Services Vault with backup policies |
This template creates a Recovery Services Vault with backup policies and configure optional features such system identity, backup storage type, cross region restore and diagnostics logs and a delete lock. |
| Azure SQL Server with Auditing written to Event Hub |
This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Event Hub |
| Azure SQL Server with Auditing written to Log Analytics |
This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Log Analytics (OMS workspace) |
| Create SQL MI with configured sending of logs and metrics |
This template allows you to deploy SQL MI and additional resources used for storing logs and metrics (diagnostic workspace, storage account, event hub). |
| Application Gateway with internal API Management and Web App |
Application Gateway routing Internet traffic to a virtual network (internal mode) API Management instance which services a web API hosted in an Azure Web App. |
ARM template resource definition
The diagnosticSettings resource type is an extension resource, which means you can apply it to another resource.
Use the scope property on this resource to set the scope for this resource. See Set scope on extension resources in ARM templates.
The diagnosticSettings resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Remarks
For guidance on deploying monitoring solutions, see Create monitoring resources by using Bicep.
Resource format
To create a Microsoft.Insights/diagnosticSettings resource, add the following JSON to your template.
{
"type": "Microsoft.Insights/diagnosticSettings",
"apiVersion": "2021-05-01-preview",
"name": "string",
"scope": "string",
"properties": {
"eventHubAuthorizationRuleId": "string",
"eventHubName": "string",
"logAnalyticsDestinationType": "string",
"logs": [
{
"category": "string",
"categoryGroup": "string",
"enabled": "bool",
"retentionPolicy": {
"days": "int",
"enabled": "bool"
}
}
],
"marketplacePartnerId": "string",
"metrics": [
{
"category": "string",
"enabled": "bool",
"retentionPolicy": {
"days": "int",
"enabled": "bool"
},
"timeGrain": "string"
}
],
"serviceBusRuleId": "string",
"storageAccountId": "string",
"workspaceId": "string"
}
}
Property values
diagnosticSettings
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.Insights/diagnosticSettings' |
| apiVersion | The resource api version | '2021-05-01-preview' |
| name | The resource name | string (required) |
| scope | Use when creating an extension resource at a scope that is different than the deployment scope. | Target resource For JSON, set the value to the full name of the resource to apply the extension resource to. |
| properties | Properties of a Diagnostic Settings Resource. | DiagnosticSettings |
DiagnosticSettings
| Name | Description | Value |
|---|---|---|
| eventHubAuthorizationRuleId | The resource Id for the event hub authorization rule. | string |
| eventHubName | The name of the event hub. If none is specified, the default event hub will be selected. | string |
| logAnalyticsDestinationType | A string indicating whether the export to Log Analytics should use the default destination type, i.e. AzureDiagnostics, or use a destination type constructed as follows: {normalized service identity}_{normalized category name}. Possible values are: Dedicated and null (null is default.) | string |
| logs | The list of logs settings. | LogSettings[] |
| marketplacePartnerId | The full ARM resource ID of the Marketplace resource to which you would like to send Diagnostic Logs. | string |
| metrics | The list of metric settings. | MetricSettings[] |
| serviceBusRuleId | The service bus rule Id of the diagnostic setting. This is here to maintain backwards compatibility. | string |
| storageAccountId | The resource ID of the storage account to which you would like to send Diagnostic Logs. | string |
| workspaceId | The full ARM resource ID of the Log Analytics workspace to which you would like to send Diagnostic Logs. Example: /subscriptions/4b9e8510-67ab-4e9a-95a9-e2f1e570ea9c/resourceGroups/insights-integration/providers/Microsoft.OperationalInsights/workspaces/viruela2 | string |
LogSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Log category for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| categoryGroup | Name of a Diagnostic Log category group for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this log is enabled. | bool (required) |
| retentionPolicy | the retention policy for this log. | RetentionPolicy |
RetentionPolicy
| Name | Description | Value |
|---|---|---|
| days | the number of days for the retention in days. A value of 0 will retain the events indefinitely. | int (required) Constraints: Min value = 0 |
| enabled | a value indicating whether the retention policy is enabled. | bool (required) |
MetricSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Metric category for a resource type this setting is applied to. To obtain the list of Diagnostic metric categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this category is enabled. | bool (required) |
| retentionPolicy | the retention policy for this category. | RetentionPolicy |
| timeGrain | the timegrain of the metric in ISO8601 format. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
| AKS Cluster with a NAT Gateway and an Application Gateway |
This sample shows how to a deploy an AKS cluster with NAT Gateway for outbound connections and an Application Gateway for inbound connections. |
| Create a Private AKS Cluster with a Public DNS Zone |
This sample shows how to a deploy a private AKS cluster with a Public DNS Zone. |
| Create API Management in Internal VNet with App Gateway |
This template demonstrates how to Create a instance of Azure API Management on a private network protected by Azure Application Gateway. |
| Create and monitor API Management instance |
This template creates an instance of Azure API Management service and Log Analytics workspace and sets up monitoring for your API Management service with Log Analytics |
| Deploy a simple Azure Spring Apps microservice application |
This template deploys a simple Azure Spring Apps microservice application to run on Azure. |
| creates an Azure Stack HCI 23H2 cluster |
This template creates an Azure Stack HCI 23H2 cluster using an ARM template. |
| creates an Azure Stack HCI 23H2 cluster |
This template creates an Azure Stack HCI 23H2 cluster using an ARM template, using custom storage IP |
| creates an Azure Stack HCI 23H2 cluster in Switchless-Dual-link Networking mode |
This template creates an Azure Stack HCI 23H2 cluster using an ARM template. |
| creates an Azure Stack HCI 23H2 cluster in Switchless-SingleLink networking mode |
This template creates an Azure Stack HCI 23H2 cluster using an ARM template. |
| Create a Redis Cache using a template |
This template creates an Azure Redis Cache with diagnostics data kept in a storage account. |
| Create a Premium Redis Cache with clustering |
This template shows how to configure clustering in a premium Azure Redis Cache instance. |
| Create Premium Redis Cache with data persistence |
This template shows how to configure persistence in a premium Azure Redis Cache instance. |
| Front Door Premium with WAF and Microsoft-managed rule sets |
This template creates a Front Door Premium including a web application firewall with the Microsoft-managed default and bot protection rule sets. |
| Front Door Standard/Premium with WAF and custom rule |
This template creates a Front Door Standard/Premium including a web application firewall with a custom rule. |
| Azure Container Registry with Policies and Diagnostics |
Azure Container Registry with Policies and Diagnostics (bicep) |
| Azure Data Factory with Git and managed vnet configuration |
This template creates Azure Data Factory with Git configuration and managed virtual network. |
| Log Analytics workspace with solutions and data sources |
Deploys a Log Analytics workspace with specified solutions and data sources |
| Log Analytics workspace with VM Insights, Container Insights |
Deploys a Log Analytics workspace with VM Insights, Container Insights solutions and diagnostics. |
| Create Key Vault with logging enabled |
This template creates an Azure Key Vault and an Azure Storage account that is used for logging. It optionally creates resource locks to protect your Key Vault and storage resources. |
| AKS cluster with the Application Gateway Ingress Controller |
This sample shows how to deploy an AKS cluster with Application Gateway, Application Gateway Ingress Controller, Azure Container Registry, Log Analytics and Key Vault |
| Application Gateway with WAF and firewall policy |
This template creates an Application Gateway with WAF configured along with a firewall policy |
| Use Azure Firewall as a DNS Proxy in a Hub & Spoke topology |
This sample show how to deploy a hub-spoke topology in Azure using the Azure Firewall. The hub virtual network acts as a central point of connectivity to many spoke virtual networks that are connected to hub virtual network via virtual network peering. |
| Create Azure Front Door in front of Azure API Management |
This sample demonstrates how to use Azure Front Door as a global load balancer in front of Azure API Management. |
| Network Security Group with diagnostic logs |
This template creates a Network Security Group with diagnostic logs and a resource lock |
| Virtual Network with diagnostic logs |
This template creates a Virtual Network with diagnostic logs and allows optional features to be added to each subnet |
| Create Recovery Services Vault and Enable Diagnostics |
This template creates a Recovery Services Vault and enables diagnostics for Azure Backup. This also deploys storage account and oms workspace. |
| Create Recovery Services Vault with backup policies |
This template creates a Recovery Services Vault with backup policies and configure optional features such system identity, backup storage type, cross region restore and diagnostics logs and a delete lock. |
| Azure SQL Server with Auditing written to Event Hub |
This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Event Hub |
| Azure SQL Server with Auditing written to Log Analytics |
This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Log Analytics (OMS workspace) |
| Create SQL MI with configured sending of logs and metrics |
This template allows you to deploy SQL MI and additional resources used for storing logs and metrics (diagnostic workspace, storage account, event hub). |
| Application Gateway with internal API Management and Web App |
Application Gateway routing Internet traffic to a virtual network (internal mode) API Management instance which services a web API hosted in an Azure Web App. |
Terraform (AzAPI provider) resource definition
The diagnosticSettings resource type is an extension resource, which means you can apply it to another resource.
Use the parent_id property on this resource to set the scope for this resource.
The diagnosticSettings resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Insights/diagnosticSettings resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Insights/diagnosticSettings@2021-05-01-preview"
name = "string"
parent_id = "string"
body = jsonencode({
properties = {
eventHubAuthorizationRuleId = "string"
eventHubName = "string"
logAnalyticsDestinationType = "string"
logs = [
{
category = "string"
categoryGroup = "string"
enabled = bool
retentionPolicy = {
days = int
enabled = bool
}
}
]
marketplacePartnerId = "string"
metrics = [
{
category = "string"
enabled = bool
retentionPolicy = {
days = int
enabled = bool
}
timeGrain = "string"
}
]
serviceBusRuleId = "string"
storageAccountId = "string"
workspaceId = "string"
}
})
}
Property values
diagnosticSettings
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.Insights/diagnosticSettings@2021-05-01-preview" |
| name | The resource name | string (required) |
| parent_id | The ID of the resource to apply this extension resource to. | string (required) |
| properties | Properties of a Diagnostic Settings Resource. | DiagnosticSettings |
DiagnosticSettings
| Name | Description | Value |
|---|---|---|
| eventHubAuthorizationRuleId | The resource Id for the event hub authorization rule. | string |
| eventHubName | The name of the event hub. If none is specified, the default event hub will be selected. | string |
| logAnalyticsDestinationType | A string indicating whether the export to Log Analytics should use the default destination type, i.e. AzureDiagnostics, or use a destination type constructed as follows: {normalized service identity}_{normalized category name}. Possible values are: Dedicated and null (null is default.) | string |
| logs | The list of logs settings. | LogSettings[] |
| marketplacePartnerId | The full ARM resource ID of the Marketplace resource to which you would like to send Diagnostic Logs. | string |
| metrics | The list of metric settings. | MetricSettings[] |
| serviceBusRuleId | The service bus rule Id of the diagnostic setting. This is here to maintain backwards compatibility. | string |
| storageAccountId | The resource ID of the storage account to which you would like to send Diagnostic Logs. | string |
| workspaceId | The full ARM resource ID of the Log Analytics workspace to which you would like to send Diagnostic Logs. Example: /subscriptions/4b9e8510-67ab-4e9a-95a9-e2f1e570ea9c/resourceGroups/insights-integration/providers/Microsoft.OperationalInsights/workspaces/viruela2 | string |
LogSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Log category for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| categoryGroup | Name of a Diagnostic Log category group for a resource type this setting is applied to. To obtain the list of Diagnostic Log categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this log is enabled. | bool (required) |
| retentionPolicy | the retention policy for this log. | RetentionPolicy |
RetentionPolicy
| Name | Description | Value |
|---|---|---|
| days | the number of days for the retention in days. A value of 0 will retain the events indefinitely. | int (required) Constraints: Min value = 0 |
| enabled | a value indicating whether the retention policy is enabled. | bool (required) |
MetricSettings
| Name | Description | Value |
|---|---|---|
| category | Name of a Diagnostic Metric category for a resource type this setting is applied to. To obtain the list of Diagnostic metric categories for a resource, first perform a GET diagnostic settings operation. | string |
| enabled | a value indicating whether this category is enabled. | bool (required) |
| retentionPolicy | the retention policy for this category. | RetentionPolicy |
| timeGrain | the timegrain of the metric in ISO8601 format. | string |