Enabling Diagnostic Logs Using PowerShell

This course looks into how to capture log data and metrics from Azure services and feed this information into different locations for processing. We take a look at diagnostic logging, which can help to troubleshoot services and create queries and alerts based on that data. We also look into Azure Advisor, cost consumption reporting, and how we can baseline resources. This is an introduction to these advanced areas of Azure services.

Learning Objectives

  • Understand how to use and configure diagnostic logging for Azure services
  • Gain an understanding of Azure Monitor and how to create and manage alerts
  • Review cost consumption reporting and how to create scheduled reports
  • Investigate different methods for baselining resources

Intended Audience

  • People who want to become Azure cloud architects
  • People preparing for Microsoft’s AZ-303 exam

Prerequisites

  • General knowledge of Azure services

For more MS Azure-related training content, visit our Microsoft Azure Training Library.


So we have a brief demo here of using PowerShell to view the diagnostic settings that we've added to the Jenkins-nsg. So we've got the login-AzureRm PowerShell commandlet here, which I've already run and logged in with my credentials. We've got four parameters here we're going to set which include the target resource group name, target nsg, diagnostic resource group, and diagnostic Log Analytics instance. So we're going to assign the nsg into this variable with the Get-AzureRmNetworkSecurityGroup and the appropriate values, run that command, and we check that value. We can see we've got the Jenkins-nsg. If we run this command, the Get-AzureRmOperationalInsightsWorkspace with the appropriate settings, we will see we've got the Log Analytics instance. So to check that we've got the right settings already on there, we created the AllInOne setting. So if we do the Get-AzureRmDiagnosticSetting, we can see, there it is, AllInOne, and each of the different locations for storing diagnostic data. So we've got the workspace, the event hub, and we're using metrics, logs, and seven days retention. So going into the storage account, it's also in here: StorageAccountId.

So this is basically the outline of what we've already created in the portal. You should be able to use this command, but at the moment the commandlets are broken, so this is a known issue. At the time of this video, there isn’t a workaround. You need to do it in the portal, so that's a bit unfortunate, however you should be sending in values very similar to this. So we're going to have a quick look at the CLI commands. So here, this is sort of what the CLI version would look like. So az, then run your login. You've got the diagnostic-settings create, and then again just fill out the properties for each of these different items. And in the last section of this code, how we can generate these things with code, is if you're using Azure resource group templates, the resource here, under resources, you have diagnostic settings. So the type is provider/diagnosticSettings and then you'd create your setting name, what resource you're going to depend on, api version will change over time, and here we have the properties for each of the different items: eventHubAuthorizationRuleId, event hub, workspace or storage account id, and the logs or metrics you want to record. These are going to be different for different types of resources and the same thing for the log categories. So you're going to have to tailor these for your specific purposes. That was a brief overview of how to set diagnostic settings using code.
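The read-only check from the walkthrough, written out as an added example (it is not the script shown in the video): it resolves the NSG and the Log Analytics workspace from the four parameters, reads the NSG's diagnostic settings, and reports any destination or log category that does not match what was configured in the portal. The resource group and workspace names are placeholders, and the property names on the returned setting (`Name`, `WorkspaceId`, `StorageAccountId`, `EventHubAuthorizationRuleId`, `Logs`) are assumed to match the AzureRM.Insights module version in use.

```powershell
# Added example. Placeholder values are constructed; Jenkins-nsg, AllInOne and
# the seven-day retention are the values mentioned in the walkthrough.
$targetResourceGroup     = '<target-resource-group>'
$targetNsgName           = 'Jenkins-nsg'
$diagnosticResourceGroup = '<diagnostic-resource-group>'
$diagnosticWorkspaceName = '<log-analytics-workspace>'
$expectedSettingName     = 'AllInOne'
$minRetentionDays        = 7

Login-AzureRmAccount | Out-Null

# Resolve the monitored resource and the workspace that should receive its logs.
$nsg = Get-AzureRmNetworkSecurityGroup -Name $targetNsgName `
    -ResourceGroupName $targetResourceGroup -ErrorAction Stop
$workspace = Get-AzureRmOperationalInsightsWorkspace -Name $diagnosticWorkspaceName `
    -ResourceGroupName $diagnosticResourceGroup -ErrorAction Stop

# Read-only call: list the diagnostic settings attached to the NSG.
$setting = @(Get-AzureRmDiagnosticSetting -ResourceId $nsg.Id -ErrorAction Stop) |
    Where-Object { $_.Name -eq $expectedSettingName } | Select-Object -First 1

$findings = @()
if (-not $setting) {
    $findings += "No diagnostic setting named '$expectedSettingName' on $($nsg.Name)."
}
else {
    # -ne on strings is case-insensitive, which suits Azure resource IDs.
    if ($setting.WorkspaceId -ne $workspace.ResourceId) {
        $findings += "Logs are not sent to workspace $($workspace.Name)."
    }
    if (-not $setting.StorageAccountId) { $findings += 'No storage account destination.' }
    if (-not $setting.EventHubAuthorizationRuleId) { $findings += 'No event hub destination.' }
    if (-not $setting.Logs) { $findings += 'No log categories are configured.' }
    foreach ($log in $setting.Logs) {
        $retention = $log.RetentionPolicy
        # Days = 0 means "keep indefinitely", so only a positive value below the minimum is flagged.
        if (-not $log.Enabled) {
            $findings += "Log category '$($log.Category)' is disabled."
        }
        elseif ($retention.Enabled -and $retention.Days -gt 0 -and $retention.Days -lt $minRetentionDays) {
            $findings += "Log category '$($log.Category)' keeps only $($retention.Days) days."
        }
    }
}

if ($findings) { $findings | ForEach-Object { Write-Warning $_ }; exit 1 }
Write-Output "$($nsg.Name): '$expectedSettingName' matches the expected logging configuration."
```

Because the script only reads settings, it can run on a schedule to catch a diagnostic setting that was removed or redirected after the initial portal configuration.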


About the Author

Matthew Quickenden is a motivated Infrastructure Consultant with over 20 years of industry experience supporting Microsoft systems and other Microsoft products and solutions. He works as a technical delivery lead managing resources, understanding and translating customer requirements and expectations into architecture, and building technical solutions. In recent years, Matthew has been focused on helping businesses consume and utilize cloud technologies with a focus on leveraging automation to rapidly deploy and manage cloud resources at scale.