Merge pull request #106819 from bwren/am-activity-log

Azure Monitor activity log export links

Author: shawnmariejones

articles/azure-monitor/platform/data-sources.md

@@ -68,8 +68,8 @@ The [Azure Activity log](platform-logs-overview.md) includes service health reco
 |:---|:---|
 | Activity log | The Activity log is collected into its own data store that you can view from the Azure Monitor menu or use to create Activity log alerts. | [Query the Activity log in the Azure portal](activity-log-view.md#azure-portal) |
 | Azure Monitor Logs | Configure Azure Monitor Logs to collect the Activity log to analyze it with other monitoring data. | [Collect and analyze Azure activity logs in Log Analytics workspace in Azure Monitor](activity-log-collect.md) |
-| Azure Storage | Export the Activity log to Azure Storage for archiving. | [Archive Activity log](activity-log-export.md#archive-activity-log)  |
-| Event Hubs | Stream the Activity log to other locations using Event Hubs | [Stream Activity log to Event Hub](activity-log-export.md#stream-activity-log-to-event-hub). |
+| Azure Storage | Export the Activity log to Azure Storage for archiving. | [Archive Activity log](resource-logs-collect-storage.md)  |
+| Event Hubs | Stream the Activity log to other locations using Event Hubs | [Stream Activity log to Event Hub](resource-logs-stream-event-hubs.md). |
 
 ### Azure Service Health
 [Azure Service Health](../../service-health/service-health-overview.md) provides information about the health of the Azure services in your subscription that your application and resources rely on.
@@ -97,7 +97,7 @@ Most Azure services will send [platform metrics](data-platform-metrics.md) that
 ### Resource logs
 [Resource logs](platform-logs-overview.md) provide insights into the _internal_ operation of an Azure resource.  Resource logs are created automatically, but you must create a diagnostic setting to specify a destination for them to collected for each resource.
 
-The configuration requirements and content of resource logs vary by resource type, and not all services yet create them. See [Supported services, schemas, and categories for Azure resource logs](diagnostic-logs-schema.md) for details on each service and links to detailed configuration procedures. If the service isn’t listed in this article, then that service doesn’t currently create resource logs.
+The configuration requirements and content of resource logs vary by resource type, and not all services yet create them. See [Supported services, schemas, and categories for Azure resource logs](diagnostic-logs-schema.md) for details on each service and links to detailed configuration procedures. If the service isn't listed in this article, then that service doesn't currently create resource logs.
 
 | Destination | Description | Reference |
 |:---|:---|:---|

articles/azure-monitor/platform/diagnostic-settings-legacy.md

@@ -1,5 +1,5 @@
 ---
-title: Collect Azure Activity log with diagnostic settings (preview) - Azure Monitor | Microsoft Docs
+title: Collect Azure Activity log with diagnostic settings - Azure Monitor | Microsoft Docs
 description: Use diagnostic settings to forward Azure Activity logs to Azure Monitor Logs, Azure storage, or Azure Event Hubs.
 author: bwren
 

articles/azure-monitor/platform/resource-logs-blob-format.md

@@ -12,7 +12,7 @@ ms.subservice: logs
 # Prepare for format change to Azure Monitor platform logs archived to a storage account
 
 > [!WARNING]
-> If you are sending [Azure resource logs or metrics to a storage account using diagnostic settings](resource-logs-collect-storage.md) or [activity logs to a storage account using log profiles](activity-log-export.md), the format of the data in the storage account changed to JSON Lines on Nov. 1, 2018. The instructions below describe the impact and how to update your tooling to handle the new format.
+> If you are sending [Azure resource logs or metrics to a storage account using diagnostic settings](resource-logs-collect-storage.md) or [activity logs to a storage account using log profiles](resource-logs-collect-storage.md), the format of the data in the storage account changed to JSON Lines on Nov. 1, 2018. The instructions below describe the impact and how to update your tooling to handle the new format.
 >
 
 ## What changed
@@ -54,60 +54,60 @@ The current format of the PT1H.json file in Azure blob storage uses a JSON array
 
 ```json
 {
-	"records": [
-		{
-			"time": "2016-01-05T01:32:01.2691226Z",
-			"resourceId": "/SUBSCRIPTIONS/361DA5D4-A47A-4C79-AFDD-XXXXXXXXXXXX/RESOURCEGROUPS/CONTOSOGROUP/PROVIDERS/MICROSOFT.KEYVAULT/VAULTS/CONTOSOKEYVAULT",
-			"operationName": "VaultGet",
-			"operationVersion": "2015-06-01",
-			"category": "AuditEvent",
-			"resultType": "Success",
-			"resultSignature": "OK",
-			"resultDescription": "",
-			"durationMs": "78",
-			"callerIpAddress": "104.40.82.76",
-			"correlationId": "",
-			"identity": {
-				"claim": {
-					"http://schemas.microsoft.com/identity/claims/objectidentifier": "d9da5048-2737-4770-bd64-XXXXXXXXXXXX",
-					"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "live.com#[email protected]",
-					"appid": "1950a258-227b-4e31-a9cf-XXXXXXXXXXXX"
-				}
-			},
-			"properties": {
-				"clientInfo": "azure-resource-manager/2.0",
-				"requestUri": "https://control-prod-wus.vaultcore.azure.net/subscriptions/361da5d4-a47a-4c79-afdd-XXXXXXXXXXXX/resourcegroups/contosoresourcegroup/providers/Microsoft.KeyVault/vaults/contosokeyvault?api-version=2015-06-01",
-				"id": "https://contosokeyvault.vault.azure.net/",
-				"httpStatusCode": 200
-			}
-		},
+    "records": [
         {
-			"time": "2016-01-05T01:33:56.5264523Z",
-			"resourceId": "/SUBSCRIPTIONS/361DA5D4-A47A-4C79-AFDD-XXXXXXXXXXXX/RESOURCEGROUPS/CONTOSOGROUP/PROVIDERS/MICROSOFT.KEYVAULT/VAULTS/CONTOSOKEYVAULT",
-			"operationName": "VaultGet",
-			"operationVersion": "2015-06-01",
-			"category": "AuditEvent",
-			"resultType": "Success",
-			"resultSignature": "OK",
-			"resultDescription": "",
-			"durationMs": "83",
-			"callerIpAddress": "104.40.82.76",
-			"correlationId": "",
-			"identity": {
-				"claim": {
-					"http://schemas.microsoft.com/identity/claims/objectidentifier": "d9da5048-2737-4770-bd64-XXXXXXXXXXXX",
-					"http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "live.com#[email protected]",
-					"appid": "1950a258-227b-4e31-a9cf-XXXXXXXXXXXX"
-				}
-			},
-			"properties": {
-				"clientInfo": "azure-resource-manager/2.0",
-				"requestUri": "https://control-prod-wus.vaultcore.azure.net/subscriptions/361da5d4-a47a-4c79-afdd-XXXXXXXXXXXX/resourcegroups/contosoresourcegroup/providers/Microsoft.KeyVault/vaults/contosokeyvault?api-version=2015-06-01",
-				"id": "https://contosokeyvault.vault.azure.net/",
-				"httpStatusCode": 200
-			}
-		}
-	]
+            "time": "2016-01-05T01:32:01.2691226Z",
+            "resourceId": "/SUBSCRIPTIONS/361DA5D4-A47A-4C79-AFDD-XXXXXXXXXXXX/RESOURCEGROUPS/CONTOSOGROUP/PROVIDERS/MICROSOFT.KEYVAULT/VAULTS/CONTOSOKEYVAULT",
+            "operationName": "VaultGet",
+            "operationVersion": "2015-06-01",
+            "category": "AuditEvent",
+            "resultType": "Success",
+            "resultSignature": "OK",
+            "resultDescription": "",
+            "durationMs": "78",
+            "callerIpAddress": "104.40.82.76",
+            "correlationId": "",
+            "identity": {
+                "claim": {
+                    "http://schemas.microsoft.com/identity/claims/objectidentifier": "d9da5048-2737-4770-bd64-XXXXXXXXXXXX",
+                    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "live.com#[email protected]",
+                    "appid": "1950a258-227b-4e31-a9cf-XXXXXXXXXXXX"
+                }
+            },
+            "properties": {
+                "clientInfo": "azure-resource-manager/2.0",
+                "requestUri": "https://control-prod-wus.vaultcore.azure.net/subscriptions/361da5d4-a47a-4c79-afdd-XXXXXXXXXXXX/resourcegroups/contosoresourcegroup/providers/Microsoft.KeyVault/vaults/contosokeyvault?api-version=2015-06-01",
+                "id": "https://contosokeyvault.vault.azure.net/",
+                "httpStatusCode": 200
+            }
+        },
+        {
+            "time": "2016-01-05T01:33:56.5264523Z",
+            "resourceId": "/SUBSCRIPTIONS/361DA5D4-A47A-4C79-AFDD-XXXXXXXXXXXX/RESOURCEGROUPS/CONTOSOGROUP/PROVIDERS/MICROSOFT.KEYVAULT/VAULTS/CONTOSOKEYVAULT",
+            "operationName": "VaultGet",
+            "operationVersion": "2015-06-01",
+            "category": "AuditEvent",
+            "resultType": "Success",
+            "resultSignature": "OK",
+            "resultDescription": "",
+            "durationMs": "83",
+            "callerIpAddress": "104.40.82.76",
+            "correlationId": "",
+            "identity": {
+                "claim": {
+                    "http://schemas.microsoft.com/identity/claims/objectidentifier": "d9da5048-2737-4770-bd64-XXXXXXXXXXXX",
+                    "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "live.com#[email protected]",
+                    "appid": "1950a258-227b-4e31-a9cf-XXXXXXXXXXXX"
+                }
+            },
+            "properties": {
+                "clientInfo": "azure-resource-manager/2.0",
+                "requestUri": "https://control-prod-wus.vaultcore.azure.net/subscriptions/361da5d4-a47a-4c79-afdd-XXXXXXXXXXXX/resourcegroups/contosoresourcegroup/providers/Microsoft.KeyVault/vaults/contosokeyvault?api-version=2015-06-01",
+                "id": "https://contosokeyvault.vault.azure.net/",
+                "httpStatusCode": 200
+            }
+        }
+    ]
 }
 ```
 

articles/azure-monitor/platform/stream-monitoring-data-event-hubs.md

@@ -30,7 +30,7 @@ Before you configure streaming for any data source, you need to [create an Event
 | Tier | Data | Method |
 |:---|:---|:---|
 | [Azure tenant](data-sources.md#azure-tenant) | Azure Active Directory audit logs | Configure a tenant diagnostic setting on your AAD tenant. See  [Tutorial: Stream Azure Active Directory logs to an Azure event hub](../../active-directory/reports-monitoring/tutorial-azure-monitor-stream-logs-to-event-hub.md) for details. |
-| [Azure subscription](data-sources.md#azure-subscription) | Azure Activity Log | Create a log profile to export Activity Log events to Event Hubs.  See [Export Azure Activity log to storage or Azure Event Hubs](activity-log-export.md) for details. |
+| [Azure subscription](data-sources.md#azure-subscription) | Azure Activity Log | Create a log profile to export Activity Log events to Event Hubs.  See [Stream Azure platform logs to Azure Event Hubs](resource-logs-stream-event-hubs.md) for details. |
 | [Azure resources](data-sources.md#azure-resources) | Platform metrics<br> Resource logs |Both types of data are sent to an event hub using a resource diagnostic setting. See [Stream Azure resource  logs to an event hub](resource-logs-stream-event-hubs.md) for details. |
 | [Operating system (guest)](data-sources.md#operating-system-guest) | Azure virtual machines | Install the [Azure Diagnostics Extension](diagnostics-extension-overview.md) on Windows and Linux virtual machines in Azure. See [Streaming Azure Diagnostics data in the hot path by using Event Hubs](diagnostics-extension-stream-event-hubs.md) for details on Windows VMs and [Use Linux Diagnostic Extension to monitor metrics and logs](../../virtual-machines/extensions/diagnostics-linux.md#protected-settings) for details on Linux VMs. |
 | [Application code](data-sources.md#application-code) | Application Insights | Application Insights doesn't provide a direct method to stream data to event hubs. You can [set up continuous export](../../azure-monitor/app/export-telemetry.md) of the Application Insights data to a storage account and then use a Logic App to send the data to an event hub as described in [Manual streaming with Logic App](#manual-streaming-with-logic-app). |