Description:
You can monitor how and when your key vaults are accessed, and by whom, by enabling logging for Azure Key Vault. This saves information in an Azure storage account that you provide.
What is logged:
...
With Azure diagnostic logs, you can view core analytics and save them into one or more destinations including:
- Azure Storage account
- Log Analytics workspace
- Azure Event Hubs
The services listed below support diagnostic logs, which help you troubleshoot, audit, and keep records of all ongoing activity. It's important to enable them so that, if something were to happen, the information is available for the particular service.
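An added example, not from the original page: a Python check that reads the JSON printed by `az monitor diagnostic-settings list --resource <resource-id>` and reports whether Key Vault audit logs are enabled and routed to one of the destinations listed above. The function name and the sample JSON (including resource IDs and setting names) are constructed for illustration.

```python
import json

# Destination fields as they appear in an Azure Monitor diagnostic setting.
DESTINATION_FIELDS = {
    "storageAccountId": "Azure Storage account",
    "workspaceId": "Log Analytics workspace",
    "eventHubAuthorizationRuleId": "Azure Event Hubs",
}

def audit_diagnostic_settings(raw_json, required_category="AuditEvent"):
    """Return (compliant, findings) for one resource's diagnostic settings."""
    doc = json.loads(raw_json)
    # Some az CLI versions wrap the list in {"value": [...]}; accept both.
    settings = doc.get("value", []) if isinstance(doc, dict) else doc
    if not settings:
        return False, ["no diagnostic setting is configured"]
    findings = []
    for s in settings:
        name = s.get("name", "<unnamed>")
        dests = [label for f, label in DESTINATION_FIELDS.items() if s.get(f)]
        enabled = [e for e in s.get("logs") or [] if e.get("enabled")]
        # Assumption: the "audit" and "allLogs" category groups include the
        # required category (true for Key Vault's AuditEvent).
        covers = any(
            e.get("category") == required_category
            or e.get("categoryGroup") in ("audit", "allLogs")
            for e in enabled
        )
        if covers and dests:
            return True, [f"{name}: {required_category} logs sent to {', '.join(dests)}"]
        if not dests:
            findings.append(f"{name}: no destination set")
        if not covers:
            findings.append(f"{name}: {required_category} logs not enabled")
    return False, findings

# Constructed sample inputs (placeholder subscription and resource names).
_SUB = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/example-rg"
SAMPLE_OK = json.dumps([{"name": "kv-audit",
    "storageAccountId": _SUB + "/providers/Microsoft.Storage/storageAccounts/examplelogs",
    "logs": [{"category": "AuditEvent", "enabled": True}]}])
SAMPLE_DISABLED = json.dumps({"value": [{"name": "kv-metrics-only",
    "workspaceId": _SUB + "/providers/Microsoft.OperationalInsights/workspaces/example-ws",
    "logs": [{"category": "AuditEvent", "enabled": False}]}]})

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_DISABLED, "[]"):
        print(audit_diagnostic_settings(sample))
```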
Solution/Reference:
Full instructions to perform this for a variety of services can be found here:
Azure Stream Analytics: https://docs.microsoft.com/en-us/azure/stream-analytics/stream-analytics-job-diagnostic-logs
Key Vault: https://docs.microsoft.com/en-us/azure/key-vault/general/howto-logging & https://docs.microsoft.com/en-us/azure/key-vault/general/logging?tabs=Vault
Batch Accounts: https://docs.microsoft.com/en-us/azure/batch/batch-diagnostics
Event Hub: https://docs.microsoft.com/en-us/azure/event-hubs/monitor-event-hubs-reference#resource-logs
Service Bus: https://docs.microsoft.com/en-us/azure/service-bus-messaging/monitor-service-bus-reference#resource-logs
Virtual Machine Scale Sets: https://medium.com/microsoftazure/adding-diagnostic-extensions-to-an-existing-azure-vm-scale-set-a5a5f6320b2c