Monitor Dashboard and application insights ?

[Crazyabout]

I am very new to Azure resources. When i deploy a custom organization i see that next to the storage account a Dashboard and a Insights resource are getting deployed. My understanding is that I can see logs like failed controls are being monitored. But when I check these resources both are empty when are there being logs written to these resources ? Can i check if these logs are even being saved in Azure ?

*Probably you guys already noted this somewhere but I somehow can't see it. sorry for the dumb question in that case.

[Khushboo-msft]

You may need to update the org policy to include the "-StorageAccountName" and "-AppInsightName".

Update-AzSKOrganizationPolicy -SubscriptionId <SubscriptionId> `
   -OrgName "Contoso-IT" `           
   -ResourceGroupName "Contoso-IT-RG" `
   -StorageAccountName "contosoitsa" `
   -AppInsightName "ContosoITAppInsight" `
   -PolicyFolderPath "D:\ContosoPolicies"

Check Option 1 -> Step 3 here.

[Crazyabout]

I keep getting this warning when i deploy the update command Warning: The current subscription has been configured with DevOps kit policy for the 'security' Org, However the DevOps kit command is running with a different ('Security_scan_Azure_Environment') Org policy.

Even when i executed the IWR command and restarted my Powershell session. like this

Could it be that this is the problem ?

[Khushboo-msft]

That should not be a problem.

If you are running the scans locally, please check whether the AzSK toolkit is configured to send data to the given Applications Insights account from your machine here.

[Crazyabout]

I run the scan in my CI / CD pipeline. Do i need to provide the instumental key in my variable ?

[Khushboo-msft]

Could you please check if the AzSKServerURL in the pipeline has the url of your new Custom org policy.

1. Run the command Get-AzSKInfo -InfoType HostInfo
2. The value of OnlinePolicyStoreURL and EnableAADAuthForOnlinePolicyStore should be used for the variable AzSKServerURL and EnableServerAuth in the ARMTemplateChecker task.

For detailed steps you can refer this.

[Crazyabout]

yeah it has the right url The custom organization is rightly setup But the log analytics nor the dashboard have any data. So I guess there is some setting where i didn't setup the log anlytics right

[Plork]

I have the same issue. The log analytics is being filled. But the App insights stays empty. (and so does the dashboard).

the Get-AzSKInfo -InfoType HostInfo does show the correct info.

I did use custom names for the resources group / workspace / automation account etc.

I am gonna try and redo the install with the default resource group names etc and set aside my OCD for a minute.