New chapter about Windows Admin Center, the future of IT management. In this article, I will show you how to send log audit into Azure Log Analytics. As you know, the auditing is fundamental to prevent issues and unexpected tasks from users, especially when they have special permissions.
If you want what happened with your WAC, check the area called Microsoft-ServerManagementExperience.
To save these logs in Log Analytics, is necessary deploy the agent on the machine and enable the collection for Windows Event Logs, as showed in figure 2.
Wait 10 minutes and try to run a query – figure 3.
Very easy, very faster! I really love the possibility to move the logs in Azure but, to be honest, in this moment there are too many limitations around WAC’s logs: the granularity is a big missing point because there’s no way to search easier the login activity, the operations, the configuration changes and similar.
So, this is absolutely the beginning and I’m sure that the Product Team will improve this area.