Azure Storage for File Storage
Question
A company plans to use Azure Storage for file storage purposes. Compliance rules require:
-> A single storage account to store all operations including reads, writes and deletes
-> Retention of an on-premises copy of historical operations
You need to configure the storage account.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D. E.AB
Storage Logging logs request data in a set of blobs in a blob container named $logs in your storage account. This container does not show up if you list all the blob containers in your account but you can see its contents if you access it directly.
To view and analyze your log data, you should download the blobs that contain the log data you are interested in to a local machine. Many storage-browsing tools enable you to download blobs from your storage account; you can also use the Azure Storage team provided command-line Azure Copy Tool (AzCopy) to download your log data.
To meet the compliance requirements of storing all read, write and delete operations for Azure Storage in a single storage account and retaining an on-premises copy of historical operations, you should perform the following two actions:
- Configure the storage account to log read, write and delete operations for the required service types:
Azure Storage provides logging capabilities to capture the activities occurring in a storage account. You can configure logging for specific service types such as blob, table or queue. In this case, since the company plans to use Azure Storage for file storage purposes, you need to configure the storage account to log read, write and delete operations for service type Blob. To configure logging, follow these steps:
- In the Azure portal, open the storage account.
- Under Monitoring, select Logging.
- Select the Blob service from the Service drop-down list.
- Select the desired retention period for the logs. The retention period must be long enough to satisfy compliance requirements.
- Choose the Storage Account where you want to store the logs.
- Enable the logs to start capturing activities in the storage account.
- Use AzCopy to download log data from $logs/blob:
AzCopy is a command-line tool provided by Microsoft to copy data to and from Azure Storage. You can use AzCopy to download the log data for blob service operations from $logs/blob folder in the storage account to an on-premises location. To use AzCopy, follow these steps:
- Download and install AzCopy if you haven't already done so.
- Open a command prompt or PowerShell window.
- Run the following command to download the logs:
phpazcopy copy "https://<your-storage-account-name>.blob.core.windows.net/$logs/blob/<year>/<month>/<day>/<hour>/*" "C:\logs" --recursive This command downloads all logs for the specified hour to the C:\logs folder on your local machine. You can modify the command to download logs for different time intervals as needed.
Note that it's important to store the downloaded logs securely on-premises to meet compliance requirements.
Option C and D are not correct because they refer to table service, which is not relevant to file storage. Option E is not correct because it refers to queue service, which is also not relevant to file storage.
