Learn how to set up diagnostic logging for Azure AI Speech Service effectively. Discover the best practices for log categories, destinations, and cost control while ensuring accountability and seamless integration with Microsoft Sentinel.
Table of Contents
Question
You work for Xerigon Inc., a Canadian company. You want to configure diagnostic logging for the Azure AI Speech service.
Developers require access to logs, the ability to run queries on the logs, and integrating with Microsoft Sentinel. The logs should be available for at least 30 days but no more than 60 days.
They also need to track system changes and user actions for accountability purposes and provide specific information regarding an application’s solicitations to and acknowledgments from the service.
You want to control costs. You do not need to capture information regarding the execution of code within an application.
How should you configure the diagnostic settings?
Choose the appropriate settings for the Categories and Destination details sections.
Setting:
- Audit Logs
- Request and Response Logs
- Trace Logs
- Send to Log Analytics workspace
- Archive to a storage account
- Stream to an event hub
Answer
Categories:
- Audit Logs
- Request and Response Logs
Destination Details:
- Send to Log Analytics workspace
Explanation
You would configure the Log Analytics workspace. You can export the Activity Log to a Log Analytics workspace, Event Hub, or storage account. The Log Analytics workspace is the most powerful of these solutions. You can use it to collect resource logs and analyze them with other monitoring data collected by queries in Azure Monitor logs. The Log Analytics platform allows you to search logs and integrate the Log Analytics workspace with Microsoft Sentinel SIEM. You can create alerts based on searches. You can use the alerts to be notified of critical conditions or patterns identified in your resource logs. Results of log queries can be pinned to an Azure dashboard, included in a workbook, or stored in an interactive report. These features would be helpful for auditors to see detailed diagnostic and auditing information from Azure resources.
You would send the logs to a Log Analytics workspace because it enables querying options using the KUSTO language, and also the results can be exported to Excel with two clicks for further analyzing. The following example of a KUSTO query will display the count of records in the activity log:
AzureActivity | summarize count() by CategoryValue
You can store logs by archiving to a storage account, streaming to an event hub, or sending to Azure Monitor from a Log Analytics workspace. You can use Azure Monitor logs for real-time monitoring and viewing trends. You can have the logs from the Log Analytics workspace sent to the Azure Monitor logs where you can run queries, export to a .csv file, and use log alerts and workbooks. You cannot do this by archiving to a storage account or streaming to an event hub.
An event hub is used when you want to send monitoring data to non-Microsoft tools such as third-party SIEMs. If you need to store Activity Log events for 90 days or less, you could stream the Activity Log to Event Hub. Event Hub can receive and process millions of events per second. It is ideal for logging to a third-party or telemetry system. In this scenario, you would need to use the Log Analytics workspace in Azure Monitor to provide detailed auditing and diagnostic information. Storing the Activity Log in Event Hub does not allow an auditor to search the logs in an easy way.
You can use storage accounts when logs need to be kept and reviewed for longer periods, which is not needed in this scenario.
You would configure Audit Logs and Request and Response Logs. Audit logs track any user and system actions or changes. Request and Response logs provide specifics regarding requests made to and acknowledgements from the service.
You would not choose Trace Logs. Trace logs provide detailed information regarding the execution of code within an application.
Microsoft Azure AI Engineer Associate AI-102 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Microsoft Azure AI Engineer Associate AI-102 exam and earn Microsoft Azure AI Engineer Associate AI-102 certification.