LogoLogo
LogoLogo
  • Welcome
    • Navigation
  • RealmJoin Deployment
    • Onboarding
    • Required Permissions
    • Infrastructure Considerations
      • Multi User Devices
    • Migration to RealmJoin vNext
  • User, Group and Device Management
    • Overview
    • User Profile
    • Organization Details
    • User, Group and Device Lists
      • Advanced Search
      • User Details
      • Group Details
      • Device Details
    • User and Group Settings
      • Available RealmJoin Policies
  • App Management
    • Packages
      • Package Store
        • Application Store Details
      • Package Management
      • Package Details
      • Package Assignments
        • Package Migration
      • Package Settings
      • Packaging Requests
        • Organic Packages
    • AVD Templates
  • Automation
    • Connecting Azure Automation
      • Required Permissions
      • Runbook Parameters
    • Runbooks
      • Runbook Customization
      • Runbook Permissions
      • Naming Conventions
      • Runbook Scheduling
      • Runbook Logs
        • Runbook Job Details
      • Runbooks Changelog
    • Requirements
    • Remediation Scripts
  • RealmJoin Agent
    • Features
      • Local Admin Password Solution (LAPS)
        • KeyVault
        • Application Insights
      • Notifications
      • AnyDesk Integration
        • AnyDesk configuration
      • App Deployment using the Agent
        • RealmJoin ESP
    • Deploying the Agent
    • User Interface
  • Logs
    • Connecting Azure Log Analytics Workspace
    • Audit Log
  • RealmJoin Settings
    • Overview
    • General
    • Roles and Permissions
      • Pre-defined Roles
      • Custom Roles
        • Available Permissions
    • Group Namespaces
    • Workplace Cloud Storage
    • Self Service Forms
  • Developer Reference
    • RealmJoin API
      • Authentication
    • Interacting with Runbooks
    • Simulating a Runbook Environment
    • Local Admin Password Management
  • Other
    • FAQ
      • Security
    • Troubleshooting
      • Package Installation Issues
        • Collecting Logfiles
        • Logfiles Structure
        • Analysing chocolatey.log
        • Troubleshooting failed chocolatey packages
        • Troubleshooting failed craft packages
        • Fixes for common issues
        • Intunewin Debugging
      • LAPS Issues
        • LAPS account passwords cannot be retrieved
        • Requested LAPS Accounts are not being created
    • Changelog
  • Legal
    • Licensing
    • Support
  • RealmJoin Website
Powered by GitBook
On this page
  • Overview
  • Components
  • Azure App Registration
  • Windows Update for Business Reports Integration
  • RealmJoin Audit Logs
  • Setup
  • Part 1 - Authentication using Azure App Registration
  • Part 2 - Creating a Log Analytics Workspace
  • Part 3 - Enabling Windows Update for Business Reports
  • Part 4 - Azure Permissions
  • Part 5 - Connecting RealmJoin and Azure Log Analytics Workspace

Was this helpful?

Edit on GitHub
  1. Logs

Connecting Azure Log Analytics Workspace

Last updated 7 months ago

Was this helpful?

Overview

RealmJoin Portal can display possible issues with Windows updates like by integrating with .

Also, RealmJoin Portal will use Log Analytics to store Audit Log information and archive Runbook execution data past the default limits of Azure Automation (currently 30 days).

Components

Azure App Registration

RealmJoin will interact with both Log Analytics workspaces via an .

You can reuse the App Registration "RealmJoin Runbook Management" which is created when .

This app will be authenticated using a ClientId and ClientSecret. Using a certificate or Managed Identity is currently not supported.

Please grant the app "Monitoring Reader" permissions on the Log Analytics accounts used for and "Monitoring Contributor" for the Log Analytics account.

RealmJoin will also use the to write data directly into .

Windows Update for Business Reports Integration

needs to be configured in your environment in order to leverage this feature. It will write update-related events into an . RealmJoin can read the events from this Log Analytics Workspace and display them on the.

You can use the same Log Analytics Account for both and . Please assign "Monitoring Contributor" permissions in this case.

RealmJoin Audit Logs

RealmJoin can use a Log Analytics workspace to store its own audit logs as well as archive runbook logs after the maximum retention in Azure Automation (currently 30 days).

Setup

Part 1 - Authentication using Azure App Registration

  1. In the Azure Portal, navigate to Microsoft Entra ID > Manage > App Registrations.

  2. Select the All Applications tab.

  3. Choose your next step.

  1. Select the "RealmJoin Runbooks Management" App Registration.

  2. Navigate to Manage > Certificates & Secrets.

  3. Select the "Client Secrets" tab.

  4. Create a new client secret.

    • Set description and expiration according to your internal naming and security policies.

If you have not integrated runbooks or prefer a separate app registration, do the following:

  1. Select "New Registration"

  2. Provide a Name

  3. Register the application

  4. Select the application

  5. Navigate to Manage > Certificates & Secrets

  6. Select the "Client Secrets" tab

  7. Create a new client secret

    • Set description and expiration according to your internal naming and security policies

Navigating away from the Certificates & Secrets page will cause Azure to obfuscate the secret. The secret will not be retrievable and a new secret will need to be created.

Part 2 - Creating a Log Analytics Workspace

  1. In the Azure Portal, navigate to Log Analytics Workspace

  2. Select Create

  3. Provide a Resource Group, Name and Region as required

  4. Navigate to the "Overview" tab

    1. Resource Group Name

    2. Workspace Name

    3. Workspace ID

Part 3 - Enabling Windows Update for Business Reports

  1. In the Azure Portal, navigate to Monitor > Workbooks

  2. Search for "Windows Update for Business reports"

  4. Save Settings

Windows Update for Business reports may take up to 24 hours to apply

Part 4 - Azure Permissions

  1. Navigate to the subscription your Log Analytics Workspace resides in

  2. Select Access Control (IAM)

  3. Add a role assignment

  4. Provide your App Registration with Monitoring Contributor permissions

  5. Review and Save the role assignment

Part 5 - Connecting RealmJoin and Azure Log Analytics Workspace

  2. Fill in the fields: Tenant Details

    • TenantId: Please provide your Entra ID's tenant ID. Find this in the Entra ID Overview page

    Azure App Registration Details

    Windows Update for Business Workspace Details

    Workspace Details

    • Customer Workspace Key: RealmJoin will act as an agent to Log Analytics. Please provide the "Primary Key" to this workspace, as to allow writing data to the workspace.

  3. Press Save after filling out all fields. The system will give you feedback if everything worked.

Please be aware, in order to store logs for longer than 30 days, you will need to modify the , which is also set to 30 days by default.

If you have already , you can re-use your existing App Registration.

Securely note down the secret value to use in .

Note the following for

Set your Subscription and the Workspace previously create. If a separate Workspace is preferred for RealmJoin logs and Windows Update for Business reports, create a separate Workspace and link instead.

In the RealmJoin Portal, navigate to Settings > Log Analytics

ClientId: RealmJoin will interact with the LogAnalytics workspace via an . Please provide the app's ClientId/AppId and Secret, so that RealmJoin can authenticate.

ClientSecret: Used with the ClientId to provide access to RealmJoin. This is the secret made in .

Update Compliance Workspace Id: Please provide the Log Analytics Workspace's ID from which to collect data.

Subscription ID: Please provide the Subscription ID from the Log Analytics account. The subscription ID is viewable in the Subscription Overview page.

Resource Group: Please provide the Resource Group Name from the Log Analytics account.

Workspace Name: Please provide the Workspace Name from the Log Analytics account.

Customer Workspace Id: Please provide / create a Log Analytics workspace to store .

workspace's default data retention
integrated with Azure Runbooks
Windows Update SafeGuard Holds
Windows Update for Business Reports
Entra ID application registration
onboarding runbooks
Windows Update for Business Reports
Azure Log Analytics Workspace
device's details page
Windows Update for Business Reports
Windows Update for Business Reports Integration
RealmJoin Audit logs
Customer Workspace Key
RealmJoin Audit Logs
RealmJoin Audit Logs
Part 5
Part 5
Azure App Registration
Part 1
Windows Update for Business Reports
RealmJoin Audit Logs
RealmJoin Audit Logs
RealmJoin Audit Logs
RealmJoin audit log and runbook log data
Log Analytics Settings Page