Closed Dhaval8951 closed 3 months ago
@Dhaval8951 Thanks for your feedback! We will investigate and update as appropriate.
The Azure Monitor team is urgently working to resolve this issue. I do not have an ETA, but multiple engineers are currently working on this issue.
@JeffreyWolford Much appreciated response, Thank you for this.
May I know that mentioned field/attribute will going to be introduced in AMA logs or if it is possible what kind of solution will be provided for this to identify whether security audit is success or failure ?
Warmest Regards, Dhavalkumar Chauhan
CC @PesalaPavan
Hi @guywi-ms
Greetings of the Day !
Can you please provide any kind of update you have that you can share with us ?
It is blocking us, because of Audit Success or Audit Failure is identification is not present in AMA Security logs.
Warmest Regards Dhavalkumar Chauhan
Hi @Dhaval8951 Hope you're well! @JeffreyWolford can you please update @Dhaval8951? I believe this is a product issue.
Thanks for your dedication to our documentation. This issue has been moved to an internal work item for triage and prioritization. Thanks in advance for your understanding as we investigate to provide the most accurate documentation updates. #please-close
Internal work item: https://dev.azure.com/msft-skilling/Content/_workitems/edit/262449
Please also note that GitHub documentation issues are being phased out completely. For more information see: https://aka.ms/ContentUserFeedback.
Our support team is available to assist you if you have any pressing questions or problems that need to be resolved. You can create a support ticket by visiting the following link: https://azure.microsoft.com/support/create-ticket/
You may also ask support questions to our Q&A forums or on Stack Overflow when the questions are related to coding.
Hello Team,
I am working on implementation that requires keyword field to identify whether Audit is failed or success, But in Recent AMA logs, I am not able to find keyword field.
Example : In old logs format For example below URL mentioned logs has Keyword field associated with it. Which is not present in new log format.
https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-10/security/threat-protection/auditing/event-4740
In new log format : keyword field is not present. How can I check whether Security Auditing event is success or failed. https://learn.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-windows-events
Any help would be much appreciated. Thanks In Advance Dhavalkumar Chauhan
Document Details
⚠ Do not edit this section. It is required for learn.microsoft.com ➟ GitHub issue linking.