Maintained with ☕️ by
IcePanel logo

GA: Azure Monitor log search alerts support managed identities

Share

Services

Azure Monitor alerts allow you to monitor your Azure and application data to quickly identify issues affecting your service. You can use log search alert rules to run queries periodically on your log data get notifications or trigger actions when an a potential issue is identified. A common challenge for developers is the management of credentials for applications to use when connecting to resources. Managed identities provide an automatically managed identity in Microsoft Entra ID. Applications can use managed identities to obtain Microsoft Entra tokens without having to manage any credentials. Log search alert rules support managed identities for Azure resources, allowing you to see and control the exact permissions of your log search alert rule. You can use managed identities in log search alert rules using either of these two options: * System assigned managed identity: Azure creates a new, dedicated identity for this alert rule. After you create the rule, you must assign permissions to this identity to access the workspace and data sources needed for the query. * User assigned managed identity: Before you create the alert rule, you [create an identity](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flearn.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fmanaged-identities-azure-resources%2Fhow-manage-user-assigned-managed-identities%23create-a-user-assigned-managed-identity&data=05%7C02%7CNoga.Lavi%40microsoft.com%7Ce1d01ff7e43f4674a9aa08dc5ded785e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638488521728915137%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=17c20Yaw23I4tmKejLPnNNinBA7MZ21ekVIueuPxi0s%3D&reserved=0) and assign it appropriate permissions for the log query. You can use the same identity in multiple alert rules. In order to create alerts with query on Azure Data Explorer or Azure Resource Graph you must configure managed identity. Further information: * [Managed identities for Azure resources](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flearn.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fmanaged-identities-azure-resources%2Foverview&data=05%7C02%7CNoga.Lavi%40microsoft.com%7Ce1d01ff7e43f4674a9aa08dc5ded785e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638488521728927401%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=1hbvz8La2wMW5BRrR1HqR52KPTJesBP%2B8%2FbQnMqqt64%3D&reserved=0) * [Configure Managed Identity in Log Search Alert Rule](https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flearn.microsoft.com%2Fen-us%2Fazure%2Fazure-monitor%2Falerts%2Falerts-create-log-alert-rule%23managed-id&data=05%7C02%7CNoga.Lavi%40microsoft.com%7Ce1d01ff7e43f4674a9aa08dc5ded785e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638488521728936812%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C0%7C%7C%7C&sdata=Q3ZZftd1rkmWlXjCq4K%2FvopQbmvI4RM08TTtlXMnDAE%3D&reserved=0) * [Configure alerts with a query to ADX Azure Data Explorer or Azure Resource Graph](https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-create-log-alert-rule#configure-the-alert-rule-conditions) * Alerts * Features