The following steps explain how to enable change notifications private preview on your Azure subscription and how to configure an Azure Monitor alert on specific changes. This private preview is part of the Application Change Analysis feature in Azure Monitor.
- You should have an Azure subscription.
- Email [email protected] with your subscription ID to enable notifications
- Install Azure PowerShell Az module
- Create a Log Analytics workspace in the Azure portal
-
Download this script
- Clone this repository to get ChangeNotifications.ps1
-
Obtain values for the following parameters from your Azure subscription and Log Analytics workspace
- Subscription ID
- Workspace ID
- Go to Log Analytics workspace. Choose Properties Menu item and copy workspace ID. See Figure 1
- Workspace Resource ID
- Go to Log Analytics workspace. Choose Properties Menu item and copy resource ID. See Figure 1
- WorkspaceSubscriptionId
- This is an optional parameter if Workspace is in a different subscription than the resources with changes to be tracked
Figure 1: Get workspace properties
- Location
- Use the location for your Log Analytics workspace
- IncludeChangeDetails – anyone who has READ access to the workspace may potentially see sensitive information (the old/new value. i.e. connection string) for the workspace from the old/new values field. Including the details in the change event will enable you to view it in the alert itself. Otherwise you can use the deep link property in the change event to view the old/new values in Application Change Analysis service.
- Enable/Disable
- Enable/disable sending change event to the Log Analytics workspace, which would in turn trigger the alert
-
Run the script
- Launch a PowerShell command prompt
- Login to your Azure account
Connect-AzAccount- (Optional) select your Azure subscription
$context = Get-AzSubscription -SubscriptionId <your_subscriptionId> Set-AzContext $context- Use the parameters obtained above to run the script. You may have to set execution policy. Please refer to About Execution Policies
.\ChangeNotifications.ps1 -SubscriptionId <your_subscriptionId> -ActivationState Enabled -IncludeChangeDetails Include -WorkspaceId <your_workspaceId> -WorkspaceResourceId "<your_resourceId_keepTheDoubleQuotes>" -Location <your_location>
-
Make a change by adding a slot to your web app
-
Go to the Log Analytics workspace. You should see MicrosoftChangeAnalysis_ChangeEvent_CL under Custom Logs. Run a query to see results
Figure 2: view change events in Log Analytics workspace
-
Go to Alerts and configure a custom log alert on change. Refer to Create, view, and manage log alerts using Azure Monitor
- Based on if configured ‘include change details’, user can either see the old/new value or click on deep link
