The below are general Azure Reports that provide you a comprehensive view of activity in your environment thus enables you to determine how your apps and services are utilized by your users, helps you troubleshoot issues preventing them from impacting your users from getting their work done and so on.
Most of these reports are readily available and can be downloaded as CSV using UI & PowerShell.
Activity Log Reports
The Activity log is a platform log in Azure that provides insight into subscription-level events.
This includes such information as when a resource is modified or when a virtual machine is started.
- Go to resource group
- Select a resource such as Virtual Machine
- Select Activity log
- Select Timespan e.g. Last Month
- Refresh the result
- Download file in CSV format
The below is the screenshot of Activity Logs for a virtual machine.
PowerShell to download Activity Logs.
Get-AzLog -ResourceGroup ExampleGroup Get-AzLog -ResourceGroup ExampleGroup -StartTime (Get-Date).AddDays(-14) -Caller someone@contoso.com
SQL Vulnerability Reports
SQL Vulnerability Assessment is a service that provides visibility into your security state.
Vulnerability Assessment includes actionable steps to resolve security issues and enhance your database security.
Vulnerability Assessment is a scanning service built into Azure SQL Database.
The service employs a knowledge base of rules that flag security vulnerabilities.
It highlights deviations from best practices, such as misconfigurations, excessive permissions, and unprotected sensitive data.
- Go to SQL Databases
- Select Advanced data security
- Select Vulnerability Assessment
- Refresh the result
- Download file in CSV format
The below is the screenshot of SQL Database Vulnerability Report
PowerShell to Export a Vulnerability Assessment scan to Excel file
$scanResult = Invoke-SqlVulnerabilityAssessmentScan -ServerInstance "MyComputer\MainInstance" -Database some_database $scanResult | Export-SqlVulnerabilityAssessmentScan -FolderPath "ScanResult.xlsx"
IAM / RBAC Report
Azure role-based access control (Azure RBAC) is the authorization system you use to manage access to Azure resources.
To determine what resources users, groups, service principals, or managed identities have access to, you list their role assignments.
- Go to Resource groups
- Select Access Control (IAM)
- Click on the Role Assignments
- Download Role Assignments as CSV
PowerShell to get all the roles that are assigned to a specified user and the roles that are assigned to the groups to which the user belongs
Get-AzRoleAssignment -SignInName isabella@example.com -ExpandPrincipalGroups | FL DisplayName, RoleDefinitionName, Scope
The below is the screenshot of IAM User Report for a Resource Group.
Active Directory – All Users/Groups Reports
This report gives you list of all users as well as groups and members within them.
- All Groups
- Go to Azure Active directory
- Select a group e.g. ADMIN
- Select members
- Refresh the results
- Download file in CSV format
- All Users
- Go to Azure Active directory
- Select Users
- Select all
- Refresh the results
- Download file in CSV format
PowerShell to export first 500 users to a CSV file
Get-AzADUser -First 500 | export-csv file.csv
AD Audit Log Reports
Audit logs provides traceability through logs for all changes done by various features within Azure AD.
Examples of audit logs include changes made to any resources within Azure AD like adding or removing users, apps, groups, roles and policies.
- Go to Azure Active Directory
- Select Audit Logs
- Select a period e.g. last 24 hours
- Refresh the results
- Download file in CSV format
Below is the PowerShell to Get all audit logs with a given result
Get-AzureADAuditDirectoryLogs -Filter "result eq 'success'" Get-AzureADAuditDirectoryLogs -Filter "result eq 'failure'" -All $true
Complete Azure Resource List Reports –
- Go to All Resources
- Refresh the results
- Download file in CSV format
Below is the PowerShell to get all resources in a resource group
Get-AzResource -ResourceGroupName testRG | ft
Actual Cost Analysis & Forecast Reports
It helps you understand your Azure invoice (bill), manage your billing account and subscriptions, monitor and control Azure spending and optimize resource use
- The below are the steps
- Go to Cost Management
- Select Cost Management
- Select Cost Analysis
- Set Group by = Resources & Granularity = Daily
- Download as CSV
SQL Database Monitoring Reports
You can quickly monitor a variety of resource metrics in the Azure SQL DB portal in the Metrics view.
These metrics enable you to see if a database is reaching 100% of processor, memory, or IO resources. High DTU or processor percentage, as well as high IO percentage, indicates that your workload might need more CPU or IO resources.
It might also indicate queries that need to be optimized.
- Go to SQL Databases
- Select Monitoring – Metrics
- Select Timespan e.g. Last 30 days
- Generate database load for below metrices
- DTU Percentage (Max)
- DTU Percentage (Avg)
- Data I/O (Max)
- Data I/O (Avg)
- Failed Connections (sum)
- Successful Connection (sum)
- Workers Percentage (Max)
- Workers Percentage (Avg)
- CPU Percentage (Max)
- CPU Percentage (Avg)
- SQL Server Process Core Percentage (Max)
- SQL Server Process Core Percentage (Avg)
The below is the screenshot of Database Load for filters = CPU Percentage (Avg)
App Service Load Reports
You can calculate App Service performance and monitor them for below metrices.
- Go to App Service
- Select Monitoring – Metrics
- Select Timespan e.g. Last 30 days
- Generate App Service load for below metrices
- Connection (Max)
- Connection (Avg)
- Requests (Max)
- Requests (Avg)
- Thread Count (Max)
- Thread Count (Avg)
- CPU Time (Max)
- CPU Time (Avg)
- Response Time (Max)
- Response Time (Avg)
- Memory Working Set (Max)
- Memory Working Set (Avg)
- Private Bytes (Max)
- Private Bytes (Avg)
- Average Response Time (Max)
- Average Response Time (Avg)
The below is the screenshot of App Service Load for Filters = Response Time (Avg)
Azure Security Center Reports
Azure Security Center generates detailed security alerts and recommendations.
It helps you identify and perform the hardening tasks recommended as security best practices and implement them across your machines, data services, and apps.
This includes managing and enforcing your security policies, and making sure your Azure virtual machines, non-Azure servers, and Azure PaaS services are compliant.
- Go to Azure Portal
- Select Security Center
- Download a CSV for Azure Recommendations
- Go to Azure Portal
- Select Security Center
- Download a CSV for Azure Inventories (VM’s, Storage Accounts & Servers)
- Go to Azure Portal
- Select Security Center
- Download a CSV for Azure Security Alerts
Conclusion
In conclusion, this Handbook offers a collection of valuable reports that provide comprehensive insights into various aspects of your Azure environment.
From activity logs and vulnerability assessments to IAM reports and security alerts, these reports empower you to optimize resource usage, enhance security, and effectively manage your Azure services and applications.
Leveraging these reports allows you to make informed decisions, troubleshoot issues, and ensure the smooth functioning of your Azure resources.
