Retrieving Azure Storage Account Diagnostics Logs | Troubleshooting Security Issues

How to Retrieve Diagnostics Logs for an Azure Storage Account

Question

You are troubleshooting a security issue for an Azure Storage account.

You enable the diagnostic logs for the storage account.

What should you use to retrieve the diagnostics logs?

Answers

Explanations

A. B. C. D.

D

If you want to download the metrics for long-term storage or to analyze them locally, you must use a tool or write some code to read the tables. You must download the minute metrics for analysis. The tables do not appear if you list all the tables in your storage account, but you can access them directly by name.

Many storage-browsing tools are aware of these tables and enable you to view them directly (see Azure Storage Client Tools for a list of available tools).

Microsoft provides several graphical user interface (GUI) tools for working with the data in your Azure Storage account. All of the tools outlined in the following table are free.

Note:

There are several versions of this question in the exam. The questions in the exam have two different correct answers:

1. Azure Storage Explorer

2. AzCopy

Other incorrect answer options you may see on the exam include the following:

1. SQL query editor in Azure

2. File Explorer in Windows

3. Azure Monitor

https://docs.microsoft.com/en-us/azure/storage/common/storage-analytics-metrics?toc=%2fazure%2fstorage%2fblobs%2ftoc.json

https://docs.microsoft.com/en-us/azure/storage/common/storage-explorers

If you have enabled diagnostic logs for an Azure Storage account, you can retrieve the logs using the Azure Storage Analytics feature. To access the logs, you have a few options, including:

  1. Azure portal: You can use the Azure portal to view the logs by navigating to the storage account, selecting "Storage Analytics" from the menu, and then selecting the logs you want to view.

  2. Azure Storage Explorer: You can use Azure Storage Explorer to retrieve the logs by connecting to the storage account and then selecting the logs you want to view.

  3. PowerShell or Azure CLI: You can use PowerShell or Azure CLI to retrieve the logs programmatically.

  4. AzCopy: AzCopy is a command-line tool that you can use to copy data to and from Azure Storage. However, it is not the recommended method for retrieving diagnostic logs.

Given the options in the question, the best answer is Azure Storage Explorer (not listed). Of the options provided, none are ideal for retrieving diagnostic logs from an Azure Storage account. The closest option is AzCopy, but it is not recommended for this purpose. The other options (Security & Compliance admin center, Azure Security Center, and Azure Cosmos DB explorer) are not relevant to retrieving diagnostic logs for an Azure Storage account.
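When retrieving the logs programmatically during an investigation, the first step is working out which blobs in the `$logs` container cover the time window of interest. The following is an added example, not part of the original page: the function names and the sample listing are constructed, and it assumes the Storage Analytics log blob naming `<service>/YYYY/MM/DD/hhmm/<counter>.log` with one folder per hour.

```python
from datetime import datetime, timedelta, timezone

LOG_CONTAINER = "$logs"  # Storage Analytics writes its logs to this container

def hourly_prefixes(service, start, end):
    """Return the $logs blob-name prefixes covering [start, end].

    start and end must be timezone-aware; they are converted to UTC because
    the folder names are in UTC. Each hour of the window maps to one prefix.
    """
    if service not in ("blob", "table", "queue"):
        raise ValueError(f"unknown service: {service}")
    start, end = (t.astimezone(timezone.utc) for t in (start, end))
    if end < start:
        raise ValueError("end precedes start")
    # Floor the start to the hour so a window beginning at 23:40 still
    # includes the 2300 folder.
    hour = start.replace(minute=0, second=0, microsecond=0)
    prefixes = []
    while hour <= end:
        prefixes.append(f"{service}/{hour:%Y/%m/%d/%H}00/")
        hour += timedelta(hours=1)
    return prefixes

def select_blobs(listing, prefixes):
    """Keep only the listed blob names that fall under one of the prefixes."""
    return [name for name in listing if name.startswith(tuple(prefixes))]

# Constructed sample: blob names as a listing of $logs might return them.
SAMPLE_LISTING = [
    "blob/2024/05/01/2200/000000.log",
    "blob/2024/05/01/2300/000000.log",
    "blob/2024/05/01/2300/000001.log",
    "blob/2024/05/02/0000/000000.log",
    "blob/2024/05/02/0100/000000.log",
    "queue/2024/05/01/2300/000000.log",
]

if __name__ == "__main__":
    # Constructed incident window that crosses midnight UTC.
    window = (datetime(2024, 5, 1, 23, 40, tzinfo=timezone.utc),
              datetime(2024, 5, 2, 0, 15, tzinfo=timezone.utc))
    for name in select_blobs(SAMPLE_LISTING, hourly_prefixes("blob", *window)):
        print(f"{LOG_CONTAINER}/{name}")
```

The resulting prefixes can be given to whichever retrieval tool is in use, so only the hours relevant to the investigation are downloaded.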