Log Analytics

The presented resiliency recommendations in this guidance include Log Analytics and associated Log Analytics settings.

Summary of Recommendations

The below table shows the list of resiliency recommendations for Log Analytics and associated resources.

Recommendation	Category	Impact	State	ARG Query Available
LOG-1 - Enable Log Analytics data export to GRS or GZRS	Governance	Medium	Verified	No
LOG-4 - Create a health status alert rule for your Log Analytics workspace	Monitoring	Low	Verified	No
LOG-5 - Configure minimal logging and retention of logs	Governance	Low	Verified	No

Definitions of states can be found here

Recommendations Details

LOG-1 - Enable Log Analytics data export to GRS or GZRS

Category: Governance

Impact: Medium

Guidance

Data export in a Log Analytics workspace lets you continuously export data to an Azure Storage account. Protect your Log Analytics workspace data from the unlikely event of a regional failure by continuously exporting to a geo-redundant storage (GRS) or geo-zone-redundant storage (GZRS) account. This is primarily a recommendation to meet compliance for data retention, but can also be used to integrate the data with other Azure services and tools.

Resources

Resource Graph Query

// cannot-be-validated-with-arg

LOG-4 - Create a health status alert rule for your Log Analytics workspace

Category: Monitoring

Impact: Low

Guidance

A health status alert will proactively notify you if a workspace becomes unavailable because of a datacenter or regional failure.

Resources

Resource Graph Query

// cannot-be-validated-with-arg

LOG-5 - Configure minimal logging and retention of logs

Category: Governance

Impact: Low

Guidance

Azure Monitor Logs automatically retains log data for a specific period of time depending on the data type (for example, 30 days for platform logs and metrics). However, you may need to retain your data for longer periods for compliance or business reasons. You can configure the data retention settings based on your requirements.

Use Azure Monitor archive settings for older, less used data in your workspace at a reduced cost. You can access data in the archived state by using search jobs and restore. You can keep data in archived state for up to 12 years.

Resources

Resource Graph Query

// cannot-be-validated-with-arg

Azure Databricks

Batch Accounts

Azure Site Recovery

Compute Gallery

Image Templates

Virtual Machine Scale Sets

Virtual Machines

AKS

Container Registry

SQL DB

Cosmos DB

DB for MySQL

DB for PostgreSQL

Redis Cache

Api Management

Event Grid

Event Hub

Service Bus

IoT Hub

Automation Account

Management Groups

Resource Groups

Subscription

Azure Backup

Application Insights

Log Analytics

Resource Health Alerts

Service Health Alerts

Application Gateway

DDoS Protection Plans

ExpressRoute Circuits

ExpressRoute Connection

ExpressRoute Direct

ExpressRoute Gateway

ExpressRoute Traffic Collector

Firewall

Front Door

Load Balancer

Network Security Group

Network Watcher

Private DNS Zones

Private Endpoints

Public Ip

Route Table

Traffic Manager

Virtual Networks

VPN Gateway

Web Application Firewall

Key Vault

Azure High Performance Computing

Azure Virtual Desktop

Azure VMware Solution

SAP on Azure

Azure NetApp Files

Storage Accounts (Blob/Azure Data Lake Storage Gen2)

App Service Plan

SignalR

Web App

Log Analytics

Summary of Recommendations

Recommendations Details

LOG-1 - Enable Log Analytics data export to GRS or GZRS

LOG-4 - Create a health status alert rule for your Log Analytics workspace

LOG-5 - Configure minimal logging and retention of logs