Connecting Azure Log Analytics Workspace
Last updated
Was this helpful?
Last updated
Was this helpful?
RealmJoin Portal can display possible issues with Windows updates like by integrating with .
Also, RealmJoin Portal will use Log Analytics to store Audit Log information and archive Runbook execution data past the default limits of Azure Automation (currently 30 days).
RealmJoin will interact with both Log Analytics workspaces via an .
This app will be authenticated using a ClientId and ClientSecret. Using a certificate or Managed Identity is currently not supported.
Please grant the app "Monitoring Reader" permissions on the Log Analytics accounts used for and "Monitoring Contributor" for the Log Analytics account.
RealmJoin will also use the to write data directly into .
needs to be configured in your environment in order to leverage this feature. It will write update-related events into an . RealmJoin can read the events from this Log Analytics Workspace and display them on the.
RealmJoin can use a Log Analytics workspace to store its own audit logs as well as archive runbook logs after the maximum retention in Azure Automation (currently 30 days).
In the Azure Portal, navigate to Microsoft Entra ID > Manage > App Registrations.
Select the All Applications tab.
Choose your next step.
Select the "RealmJoin Runbooks Management" App Registration.
Navigate to Manage > Certificates & Secrets.
Select the "Client Secrets" tab.
Create a new client secret.
Set description and expiration according to your internal naming and security policies.
Navigating away from the Certificates & Secrets page will cause Azure to obfuscate the secret. The secret will not be retrievable and a new secret will need to be created.
In the Azure Portal, navigate to Log Analytics Workspace
Select Create
Provide a Resource Group, Name and Region as required
Navigate to the "Overview" tab
Resource Group Name
Workspace Name
Workspace ID
In the Azure Portal, navigate to Monitor > Workbooks
Search for "Windows Update for Business reports"
Save Settings
Windows Update for Business reports may take up to 24 hours to apply
Navigate to the subscription your Log Analytics Workspace resides in
Select Access Control (IAM)
Add a role assignment
Provide your App Registration with Monitoring Contributor permissions
Review and Save the role assignment
Fill in the fields: Tenant Details
TenantId: Please provide your Entra ID's tenant ID. Find this in the Entra ID Overview page
Azure App Registration Details
Windows Update for Business Workspace Details
Workspace Details
Customer Workspace Key: RealmJoin will act as an agent to Log Analytics. Please provide the "Primary Key" to this workspace, as to allow writing data to the workspace.
Press Save after filling out all fields. The system will give you feedback if everything worked.
Please be aware, in order to store logs for longer than 30 days, you will need to modify the , which is also set to 30 days by default.
If you have already , you can re-use your existing App Registration.
Securely note down the secret value to use in .
Note the following for
Set your Subscription and the Workspace previously create. If a separate Workspace is preferred for RealmJoin logs and Windows Update for Business reports, create a separate Workspace and link instead.
In the RealmJoin Portal, navigate to Settings > Log Analytics
ClientId: RealmJoin will interact with the LogAnalytics workspace via an . Please provide the app's ClientId/AppId and Secret, so that RealmJoin can authenticate.
ClientSecret: Used with the ClientId to provide access to RealmJoin. This is the secret made in .
Update Compliance Workspace Id: Please provide the Log Analytics Workspace's ID from which to collect data.
Subscription ID: Please provide the Subscription ID from the Log Analytics account. The subscription ID is viewable in the Subscription Overview page.
Resource Group: Please provide the Resource Group Name from the Log Analytics account.
Workspace Name: Please provide the Workspace Name from the Log Analytics account.
Customer Workspace Id: Please provide / create a Log Analytics workspace to store .