Overview
Blob Storage Audit Logging is a feature of Azure Blob Storage that allows you to track and monitor access to your blobs. It provides detailed information about who accessed your blobs, when, and what actions were performed. This feature can help you identify and respond to security incidents or unauthorized access to your data more effectively (SIEM).
The following categories of Logs are available to export to Storage Account or EventHub.
- Storage Read
- Storage Write
- Storage Delete
Prerequisites
Setup
- Navigate to the relevant Storage Account in the Azure portal
- Search for "Diagnostic settings" in the left navigation menu
- Click on
blobunder the storage account - Click on "Add Diagnostic Setting"
- Select the desired log categories to export:
- Storage Read
- Storage Write
- Storage Delete
- Configure the destination details as "Stream to an Event Hub" and select the Event Hub namespace and Event Hub name created during the EventHub Setup
- Save the diagnostic settings
That's it! You have successfully set up logging for your Azure Blob Storage.
Blob Storage Diagnostic Settings