Configuring activity log alerts to be triggered on potential security breaches or risks.
This sample shows examples of configuring Activity Log Alerts for potential security breach or risk notifications. - Create a storage account - Setup an action group to trigger a notification to the security teams - Create an activity log alerts for storage account access key retrievals - List Storage account keys to trigger an alert. - Retrieve and show all activity logs that contains "List Storage Account Keys" operation name in the resource group for the past 7 days for the same Storage account.
Running this Sample
To run this sample:
Set the environment variable
AZURE_AUTH_LOCATION with the full path for an auth file. See how to create an auth file.
git clone https://github.com/Azure-Samples/monitor-dotnet-activitylog-alerts-on-security-breach-or-risk.git cd monitor-dotnet-activitylog-alerts-on-security-breach-or-risk dotnet build bin\Debug\net452\SecurityBreachOrRiskActivityLogAlerts.exe