将诊断日志从任何Azure对象路由到事件中心

时间:2019-11-21 19:25:13

标签: azure-cli

我正在尝试使用"Set-AzDiagnosticSetting"来定义例如PublicIP,我也想对其他对象进行相同的操作,但是目前我正在对此进行测试。

如果进入GUI: PublicIP->诊断设置->添加诊断设置->名称->流到事件中心->选择事件中心名称空间->事件中心名称->事件中心策略->单击确定 从日志中选择-> DDoSProtectionNotifications,DDoSMitigationFlowLogs,DDoSMitigationReports(从度量标准)->所有度量标准->单击确定->单击保存,并确定已创建诊断设置名称。

如何在Azure CLI中编写此代码,以使其在代码中正常工作,因为我无法钉住它:

Set-AzDiagnosticSetting -ResourceId $resID -Enabled $True -Name "IPDiagnostic" -EventHubName $eveH -Category "DDoSProtectionNotifications","DDoSMitigationFlowLogs", "DDoSMitigationReports" -EventHubAuthorizationRuleId "RootManageSharedAccessKey"

我不知道我必须填写以下哪个命令才能使它起作用:https://docs.microsoft.com/en-us/powershell/module/az.monitor/set-azdiagnosticsetting?view=azps-3.0.0

谢谢!

az监视器诊断设置创建--resource“/subscriptions/…/ResourceGroup/providers/Microsoft.Network/publicIPAddresses/NameOfTheResource” \ -n“ IpDiagnostic” \ --event-hub-rule“/subscriptions/…/LogPipeline/providers/Microsoft.EventHub/namespaces/LogsSentToHub/eventhubs/IpDiagnosticlog/authorizationrules/RootManageSharedAccessKey” \ --event-hub/subscriptions/…/LogPipeline/providers/Microsoft.EventHub/namespaces/LogsSentToHub/eventhubs/IpDiagnosticlog“ \ --logs'[         {           “ category”:“ DDoSProtectionNotifications”,           “已启用”:是,           “ retentionPolicy”:{             “天”:0,             “已启用”:false           }         },         {           “ category”:“ DDoSMitigationFlowLogs”,           “已启用”:是,           “ retentionPolicy”:{             “天”:0,             “已启用”:false           }         },         {           “ category”:“ DDoSMitigationReports”,           “已启用”:是,           “ retentionPolicy”:{             “天”:0,             “已启用”:false           }         }       ]' --metrics'[         {           “ category”:“ AllMetrics”,           “已启用”:false,           “ retentionPolicy”:{             “天”:0,             “已启用”:false           },           “ timeGrain”:null         }       ]'

1 个答案:

答案 0 :(得分:0)

您好,欢迎来到Stack Overflow!

有两种变体,您可以通过 Azure CLI 发出此命令,即使用存储帐户作为接收器,或使用事件中心(具有事件中心规则):

使用存储帐户: 

az monitor diagnostic-settings create --resource /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Automation/automationAccounts/xxxxx -n testehcli  --storage-account /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Storage/storageAccounts/xxxxx 
--logs '[
     {
       "category": "JobStreams",
       "enabled": true,
       "retentionPolicy": {
         "enabled": false,
         "days": 0
       }
     }
   ]'
--metrics '[
     {
       "category": "AllMetrics",
       "enabled": true,
       "retentionPolicy": {
         "enabled": false,
         "days": 0
       }
     }
   ]'

使用事件中心: 

az monitor diagnostic-settings create --resource /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.Automation/automationAccounts/xxxxx -n testehcli --event-hub /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.EventHub/namespaces/xxxxx --event-hub-rule /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/xxxxx/providers/Microsoft.EventHub/namespaces/xxxxx/AuthorizationRules/xxxxx
--logs '[
     {
       "category": "JobStreams",
       "enabled": true,
       "retentionPolicy": {
         "enabled": false,
         "days": 0
       }
     }
   ]'
--metrics '[
     {
       "category": "AllMetrics",
       "enabled": true,
       "retentionPolicy": {
         "enabled": false,
         "days": 0
       }
     }
   ]'

要进一步了解每个选项的含义,请查看命令参考here。如果您仍然遇到问题,请随时发布错误详细信息,其中可能还包括屏幕截图,我们可以对其进行进一步的故障排除。希望这会有所帮助!

相关问题
最新问题