How to find diagnostic setting(AuditEvent) for KeyVault

Question

I am able to find out the diagnostic setting for KeyVault - when I enable it individually by selecting the specified category - AuditEvent using the command Get-AzDiagnosticSetting

But when I enable it by selecting Category Groups - audit & allLogs above command does not return any output.

Is there any alternative approach to check if AuditEvent logging is enabled for KeyVault?

Thanks!

score 0 · Answer 1 · answered May 25 '22 at 02:28

0

You can use this Azure Management REST API Diagnostic Settings-Get to get the active Diagnostic settings for the specified resource. I have tested this from my end it is working fine.

Here is the sample screenshot for reference:

answered May 25 '22 at 02:28

VenkateshDodda

4,723
1
3
12

Is there a way to derive the same information using AZ PowerShell Module? – Prashant Shete May 26 '22 at 04:22
@PrashantShete, you cannot pull the diagnostic settings which were created with category/groups using powershell cmdlets. Alternatively you can use [az monitor diagnostic-settings categories](https://learn.microsoft.com/en-us/cli/azure/monitor/diagnostic-settings/categories?view=azure-cli-latest#az-monitor-diagnostic-settings-categories-show) show cmdlets to pull the diagnostic settings of the resource. – VenkateshDodda May 27 '22 at 11:49

How to find diagnostic setting(AuditEvent) for KeyVault

1 Answers1