Error while creating azure diagnostic setting

Does anybody know what the current values for enable_log for azurerm_monitor_diagnostic_setting. I have used all and allLogs none have worked. Thank you. And the code below is unsupported.

  enabled_log {
    category = "AuditEvent"

What is available to be used for that parameter depends upon the resource you are applying the diagnostic settings to.

A list is provided here, which includes categories but not category groups:
Supported categories for Azure Monitor resource logs | Microsoft Learn

But you may also want to use category groups (such as allLogs, audit, etc.)

Here is a small Powershell-AZ script that will list out all of the current valid diagnostic settings categories and the diagnostic settings category groups they are part of. It queries the Azure Resource Manager API directly

Ensure you are running with an up to date Powershell with an up to date Azure Az Powershelll module installed and that you have authenticated (connect-azaccount) against the subscription that contains the resource you are querying.

## Replace the below string with a full resource Id
$ResourceId = "ReplaceWithResourceId"
$DiagSettingsCategoriesRequest = invoke-azrestmethod -path "$($ResourceId)/providers/microsoft.insights/diagnosticSettingsCategories?api-version=2021-05-01-preview"
$DiagSettingsCategories = $DiagSettingsCategoriesRequest.Content | convertfrom-json

$DiagSettingsCategories.value | ForEach-Object {
  [PSCustomObject]@{
    name = $_.name
    displayname = $_.properties.displayname
    CategoryType = $_.properties.CategoryType
    CategoryGroups = $_.properties.CategoryGroups -join ', '
  }
}

Hope that helps

Happy Terraforming!

Thanks for sharing and the time and response. I will try this solution.

Hi guys, this configuration is working for my storage account with blob containers (23 February 2024):

# Diagnostic settings for the metrics of the storage account.
resource "azurerm_monitor_diagnostic_setting" "storageaccount_diagnostic" {
  name                       = "${var.environment}-${var.storage_account.name}-diagnostic"
  target_resource_id         = azurerm_storage_account.storageaccount.id
  log_analytics_workspace_id = var.loganalytics_workspace_id
  
  # All metrics
  metric {
    category = "Capacity"
    enabled  = true
  }
  metric {
    category = "Transaction"
    enabled  = true
  }
}
# Diagnostic settings (metrics and logs) for the storage account's blob containers. It's configured once to cover all blobs.
resource "azurerm_monitor_diagnostic_setting" "storageaccount_diagnostic_blobs" {
  name                       = "${var.environment}-${var.storage_account.name}-diagnostic-blobs"
  target_resource_id         = "${azurerm_storage_account.storageaccount.id}/blobServices/default/"
  log_analytics_workspace_id = var.loganalytics_workspace_id

  enabled_log {
    category_group = "allLogs"
  }
  
  # All metrics
  metric {
    category = "Capacity"
    enabled  = true
  }
  metric {
    category = "Transaction"
    enabled  = true
  }
}

I did the same for the tables and queues, using an additional resource and changing the target_resource_id reference to:

• "${azurerm_storage_account.storageaccount[0].id}/tableServices/default/"
• "${azurerm_storage_account.storageaccount[0].id}/queueServices/default/"

Naturally the variables will need to be updated to reflect your environment.

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.