Microsoft Azure Activity Log Analytics Power BI Solution Template. This template provides analytics on top of your Activity Log in the Azure Portal. Gain insight into the activities performed by various resources and people in your subscription. Get started with historical analysis on your last 90 days of Activity Log data, and let an Azure SQL database accumulate these historical events in addition to incoming events.

Getting Started

The first part of our experience is an installer that guides you through setting up a solution template. We prompt you for Azure credentials and ask if you would like to use a new or existing Azure SQL database to store your Activity Log data. All that is left to do now is hit Run, wait a few minutes for the pipeline to get set up, and download a Power BI Desktop file that comes with pre-defined reports.

Behind the scenes, the solution template spins up a total of three Azure Services:

  1. An ‘Event Hub’ that streams the Activity Log events in near real-time to Stream Analytics
  2. A ‘Stream Analytics’ job that processes the Activity Log events in near real-time and inserts the data into SQL
  3. An Azure SQL database which comes with a pre-defined schema for your Activity Log data

As soon as the solution template is spun up, the streaming pipeline awaits new activities, and you should almost immediately see data appear inside your Power BI reports.

Architecture diagram:

Azure Activity Log, Event Hub, Stream Analytics, Azure SQL, Power BI

Administrative Page

The “Administrative” page provides a high-level overview of your Activity Log data. View trends in events over time, or leverage cross-filtering and drill-down capabilities to get specific with your data. Key Performance Indicators (KPIs) here compare percentage of successful calls and number of failures over the last 7 days versus the 7 days before that. An example use case on this overview page allows you to find which user on your subscription is causing the most Stream Analytics events over the past 2 weeks.

Failures Page

The Failures page offers deeper insight into failures on your subscription. Observe week over week changes in the aggregate number of failures and percentage of failures. Choose a specific operation such as Update SQL server; from the table on the left, and drill down to learn exactly what failed.

User History Page

The User History page allows for deeper analysis on a per-individual basis, where you can observe which resource groups an individual is most active in, or compare successful versus failed operations over time. An example use case here is to view a caller’s activities and impacted resources from the past week, or to find which resource group is responsible for the spike in a caller’s failures yesterday afternoon.

Service Health Page

The Service Health page showcases any Azure Service Health announcements that may be relevant to you. Here, you can filter service health events by region, impacted service, type, and status. Peek at the summaries of your filtered service health events in the Snippets Browser custom visual, or click into the tiles for more details. This page can assist in diagnosing an issue – for example if you notice a spike in failures on the Failures page, head on over to the Service Health page and check to make sure the uptick is not related to some Azure service outage your region.