Skip to content

avinor/terraform-azurerm-log-analytics

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits
examples
examples
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
azure-pipelines.yaml
azure-pipelines.yaml
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 

Repository files navigation

Log Analytics

Deploys a log analytics workspace for collecting all diagnostics logs and metrics. Can collect logs across multiple subscriptions and connect to Security Center. It is recommended to deploy only one instance per region to collect all diagnostics in one place. For multiple regions it can be advantagious to deploy one in each region, as recommended by Microsoft.

Setup

Not all options are available in terraform yet. To collect Azure Activity logs additional configuration is required after deployment.

Open deployed log analytics workspace and go to "Workspace Data Sources" -> "Azure Activity log" and connect to subscriptions that should collect activity logs.

Usage

Example using tau for deployment

module {
    source = "avinor/log-analytics/azurerm"
    version = "1.1.0"
}

inputs {
    name = "logs"
    resource_group_name = "logs-rg"
    location = "westeurope"
}

To add solutions to the workspace use the solutions variable to define solution name, publisher and product.

module {
    source = "avinor/log-analytics/azurerm"
    version = "1.1.0"
}

inputs {
    name = "logs"
    resource_group_name = "logs-rg"
    location = "westeurope"

    solutions = [
        {
            solution_name = "ContainerInsights",
            publisher = "Microsoft",
            product = "OMSGallery/ContainerInsights",
        },
    ]
}

Solutions

Some of the solutions that can be added:

solution_name publisher  product
ContainerInsights Microsoft OMSGallery/ContainerInsights
AzureAppGatewayAnalytics Microsoft OMSGallery/AzureAppGatewayAnalytics
AzureActivity Microsoft OMSGallery/AzureActivity
Security Microsoft OMSGallery/Security
KeyVaultAnalytics Microsoft OMSGallery/KeyVaultAnalytics
AntiMalware Microsoft OMSGallery/AntiMalware
NetworkMonitoring Microsoft OMSGallery/NetworkMonitoring

In addition if using Azure Firewall install the Azure Firewall sample workspace for viewing firewall logs.

Contributors

If sharing a log analytics instance with other subscriptions it might be required to assign Log Analytics Contributor access to other service principals. Use the contributor input variable to assign access to other users / apps. This should be a list of object_ids.

About

Terraform module to deploy Log Analytics workspace with option to add solutions to it.

registry.terraform.io/modules/avinor/log-analytics/azurerm

Topics

azure terraform terraform-module

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

9 stars

Watchers

4 watching

Forks

10 forks
Report repository

Releases 10

v2.0.3 Latest
Jun 19, 2024
+ 9 releases

Packages

No packages published

Contributors 10

Languages