New articles under parent CI 6472

Author: amsliu

support/azure/azure-monitor/activity-logs/config-export/exporting-directory-level-activity-logs-to-event-hub.md

@@ -0,0 +1,52 @@
+---
+title: Exporting Directory Level Activity Logs to Event Hub
+description: Provides guidance on exporting directory-level activity logs to an Event Hub using Azure's management group level diagnostic settings.
+ms.date: 07/10/2025
+ms.reviewer: v-liuamson
+ms.service: azure-monitor
+ms.custom: I can’t configure export of Activity Logs
+---
+# Exporting Directory Level Activity Logs to Event Hub
+
+This article provides guidance on exporting directory-level activity logs to an Event Hub using Azure's management group level diagnostic settings. This process is essential for users who need to monitor and analyze activity logs efficiently.
+
+## Introduction
+
+Exporting directory-level activity logs to an Event Hub can be achieved through an API call that creates management group level diagnostic settings. This solution is particularly useful for organizations looking to centralize their log data for better analysis and monitoring.
+
+### Step-by-Step Instructions to Export Logs
+
+1. **Access Azure Portal**
+   - Navigate to the Azure portal and sign in with your credentials.
+
+2. **Locate Diagnostic Settings**
+   - Go to the **Azure Monitor** section.
+   - Select **Diagnostic settings** from the menu.
+
+3. **Create or Update Diagnostic Settings**
+   - Click on **Add diagnostic setting**.
+   - Choose the resource for which you want to export logs.
+
+4. **Configure Export to Event Hub**
+   - Under **Destination details**, select **Event Hub**.
+   - Provide the necessary **Event Hub namespace** and **Event Hub name**.
+   - Ensure the **Event Hub key ID** is correctly entered.
+
+5. **Save and Verify**
+   - Click **Save** to apply the settings.
+   - Verify that logs are being exported by checking the Event Hub for incoming data.
+
+### Common Issues and Solutions
+
+- **Issue:** Logs are not appearing in Event Hub.
+  - **Solution:** Double-check the Event Hub configuration and ensure the correct namespace and key ID are used.
+
+- **Issue:** Permission errors when setting up diagnostic settings.
+  - **Solution:** Ensure you have the necessary permissions to create or update diagnostic settings in Azure.
+
+Reference
+
+- [Azure Monitor Documentation](https://learn.microsoft.com/azure/monitoring/)
+- [Event Hubs Documentation](https://learn.microsoft.com/azure/event-hubs/)
+
+If the issue persists after following the solution steps, please open a support case for further assistance.

support/azure/azure-monitor/activity-logs/config-export/pushing-subscription-activity-logs-to-sentinel.md

@@ -0,0 +1,55 @@
+---
+title: Detailed Guide on Pushing Subscription Activity Logs to Sentinel
+description: Provides detailed instructions on how to push subscription activity logs to Sentinel.
+ms.date: 07/10/2025
+ms.reviewer: v-liuamson
+ms.service: azure-monitor
+ms.custom: I can’t configure export of Activity Logs
+---
+# Detailed Guide on Pushing Subscription Activity Logs to Sentinel
+
+This article provides guidance on how to push subscription activity logs to Sentinel using Azure's Diagnostic Settings. This process is essential for monitoring and analyzing activity logs effectively.
+
+## Introduction
+
+Users may encounter challenges when attempting to push subscription activity logs to Sentinel. This guide outlines the steps to configure Azure Diagnostic Settings to achieve seamless data transfer to Sentinel.
+
+### Step-by-Step Instructions to configure Azure Diagnostic Settings
+
+1. **Access Azure Portal**: Log in to your Azure account and navigate to the **Azure Portal**.
+
+2. **Navigate to Diagnostic Settings**:
+   - Go to the **Azure Monitor** section.
+   - Select **Diagnostic Settings** from the menu.
+
+3. **Configure Diagnostic Settings**:
+   - Choose the resource for which you want to configure the logs.
+   - Click on **Add Diagnostic Setting**.
+   - Name your setting and select the logs you wish to send to Sentinel.
+
+4. **Select Log Analytics Workspace**:
+   - Under the **Destination details**, choose **Send to Log Analytics**.
+   - Select the appropriate Log Analytics workspace where you want the logs to be sent.
+
+5. **Save Configuration**:
+   - Review your settings and click **Save** to apply the changes.
+
+6. **Verify Data Transfer**:
+   - Use the following query in your Log Analytics workspace to verify data transfer:
+
+        ```plaintext
+         AzureActivity | where SubscriptionId contains "<YourSubscriptionId>"
+        ```
+
+### Common Issues and Solutions
+
+- **Issue**: Logs are not appearing in Sentinel.
+    - **Solution**: Ensure that the correct Log Analytics workspace is selected and that the Diagnostic Settings are properly configured.
+
+## Reference
+
+- [Azure Sentinel Data Connectors Reference](https://learn.microsoft.com/azure/sentinel/data-connectors-reference)
+- [Azure Monitor Diagnostic Settings](https://learn.microsoft.com/azure/azure-monitor/platform/diagnostic-settings?tabs=CMD)
+- [Connect Services via Diagnostic Setting-Based Connector](https://learn.microsoft.com/azure/sentinel/connect-services-diagnostic-setting-based#connect-via-a-diagnostic-setting-based-connector-managed-by-azure-policy)
+
+If the issue persists after following the solution steps, please open a support case for further assistance.

support/azure/azure-monitor/activity-logs/config-export/resolving-log-limit-issues-in-azure-function-apps.md

@@ -0,0 +1,42 @@
+---
+title: Resolving Log Limit Issues in Azure Function Apps
+description: Provides step-by-step instructions to resolve log limit issues in Azure Function Apps.
+ms.date: 07/10/2025
+ms.reviewer: v-liuamson
+ms.service: azure-monitor
+ms.custom: I can’t configure export of Activity Logs
+---
+# Resolving Log Limit Issues in Azure Function Apps
+
+## Introduction
+
+This article addresses the issue of Azure Function Apps reaching their daily log limit, which prevents further logs from being sent. This can occur when the log volume exceeds the configured quota, impacting the application's performance and monitoring capabilities.
+
+### Step-by-Step Instructions to Resolve Log Limit Issues
+
+1. **Identify the Function App**: Navigate to the Azure portal and locate the specific Function App experiencing log issues.
+
+2. **Check Current Log Quota**: Access the **Application Insights** associated with the Function App. Review the current log quota settings to determine if they are being exceeded.
+
+3. **Evaluate Log Volume**: Analyze the logs to assess whether the increase in log volume is justified. Use **Azure Monitor** charts to visualize log trends and identify any anomalies.
+
+4. **Increase Log Quota**: If the log volume increase is reasonable, adjust the log quota in **Application Insights**. Go to the **Settings** section, select **Usage and estimated costs**, and modify the quota as needed.
+
+5. **Contact Function App Owner**: If the log increase is unexpected, reach out to the Function App owner for further troubleshooting. Ensure they are aware of the log limits and potential impacts.
+
+6. **Check Log Analytics Workspace**: Verify that the **Log Analytics Workspace** associated with the Application Insights does not have its own quota limitations that could affect logging.
+
+7. **Monitor for Bottlenecks**: After adjusting quotas, monitor the workspace for any potential bottlenecks that may arise due to increased log volumes.
+
+### Common Issues and Solutions
+
+- **Unexpected Log Volume**: If logs are unexpectedly high, investigate recent changes in the application or external factors contributing to the increase.
+- **Quota Adjustment**: Ensure that any quota adjustments are aligned with the application's monitoring needs and budget constraints.
+
+Reference
+
+- [Azure Monitor Documentation](https://learn.microsoft.com/azure/azure-monitor/)
+- [Application Insights Quota Management](https://learn.microsoft.com/azure/azure-monitor/app/pricing)
+- [Log Analytics Workspace Management](https://learn.microsoft.com/azure/azure-monitor/logs/manage-cost-storage)
+
+If the issue persists after following the solution steps, please open a support case for further assistance.

support/azure/azure-monitor/toc.yml

@@ -7,10 +7,16 @@ items:
     items: 
     - name: Configuring Export in Azure Portal
       items: 
-      - name: Diagnostic Settings Transition from Legacy Solutions
-        href: activity-logs/config-export/diagnostic-settings-transition-from-legacy-solutions.md
       - name: Understanding and Transitioning from Legacy to Diagnostic Settings for Azure Activity Logs
         href: activity-logs/config-export/understanding-and-transitioning-from-legacy-to-diagnostic-settings.md
+      - name: Diagnostic Settings Transition from Legacy Solutions
+        href: activity-logs/config-export/diagnostic-settings-transition-from-legacy-solutions.md
+      - name: Detailed Guide on Pushing Subscription Activity Logs to Sentinel
+        href: activity-logs/config-export/pushing-subscription-activity-logs-to-sentinel.md
+      - name: Exporting Directory Level Activity Logs to Event Hub
+        href: activity-logs/config-export/exporting-directory-level-activity-logs-to-event-hub.md
+      - name: Resolving Log Limit Issues in Azure Function Apps
+        href: activity-logs/config-export/resolving-log-limit-issues-in-azure-function-apps.md
 - name: Application Insights
   items:
   - name: OpenTelemetry troubleshooting

support/azure/azure-monitor/welcome-azure-monitor.yml

@@ -20,10 +20,16 @@ landingContent:
     linkLists:
       - linkListType: how-to-guide
         links:
-          - text: Diagnostic Settings Transition from Legacy Solutions
-            url: ./activity-logs/config-export/diagnostic-settings-transition-from-legacy-solutions.md
           - text: Understanding and Transitioning from Legacy to Diagnostic Settings for Azure Activity Logs
             url: ./activity-logs/config-export/understanding-and-transitioning-from-legacy-to-diagnostic-settings.md
+          - text: Diagnostic Settings Transition from Legacy Solutions
+            url: ./activity-logs/config-export/diagnostic-settings-transition-from-legacy-solutions.md
+          - text: Detailed Guide on Pushing Subscription Activity Logs to Sentinel
+            url: ./activity-logs/config-export/pushing-subscription-activity-logs-to-sentinel.md
+          - text: Exporting Directory Level Activity Logs to Event Hub
+            url: ./activity-logs/config-export/exporting-directory-level-activity-logs-to-event-hub.md
+          - text: Resolving Log Limit Issues in Azure Function Apps
+            url: ./activity-logs/config-export/resolving-log-limit-issues-in-azure-function-apps.md
 
   - title: Troubleshoot Azure Application Insights issues
     linkLists: