MicrosoftDocs
diff --git a/‎articles/azure-monitor/agents/azure-monitor-agent-troubleshoot-windows-vm.md
Lines changed: 1 addition & 1 deletion b/‎articles/azure-monitor/agents/azure-monitor-agent-troubleshoot-windows-vm.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/azure-monitor/essentials/migrate-to-azure-storage-lifecycle-policy.md
Lines changed: 15 additions & 17 deletions b/‎articles/azure-monitor/essentials/migrate-to-azure-storage-lifecycle-policy.md
Lines changed: 15 additions & 17 deletions
diff --git a/‎articles/azure-monitor/logs/basic-logs-azure-tables.md
Lines changed: 2 additions & 0 deletions b/‎articles/azure-monitor/logs/basic-logs-azure-tables.md
Lines changed: 2 additions & 0 deletions
diff --git a/‎articles/iot/iot-overview-security.md
Lines changed: 2 additions & 2 deletions b/‎articles/iot/iot-overview-security.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/partner-solutions/split-experimentation/media/data-access/add-scope.png
9.43 KB b/‎articles/partner-solutions/split-experimentation/media/data-access/add-scope.png
9.43 KB
diff --git a/‎articles/partner-solutions/split-experimentation/media/data-access/add-split-resource-provider-id.png
9.34 KB b/‎articles/partner-solutions/split-experimentation/media/data-access/add-split-resource-provider-id.png
9.34 KB
diff --git a/‎articles/partner-solutions/split-experimentation/media/data-access/edit-app-uri.png
5.16 KB b/‎articles/partner-solutions/split-experimentation/media/data-access/edit-app-uri.png
5.16 KB
diff --git a/‎articles/partner-solutions/split-experimentation/media/data-access/get-application-id-uri.png
12.4 KB b/‎articles/partner-solutions/split-experimentation/media/data-access/get-application-id-uri.png
12.4 KB
diff --git a/‎articles/partner-solutions/split-experimentation/media/manage/data-access-policy.png
-42.6 KB b/‎articles/partner-solutions/split-experimentation/media/manage/data-access-policy.png
-42.6 KB
diff --git a/‎articles/partner-solutions/split-experimentation/media/manage/data-source.png
-1.49 KB b/‎articles/partner-solutions/split-experimentation/media/manage/data-source.png
-1.49 KB
@@ -28,7 +28,7 @@ Follow the steps below to troubleshoot the latest version of the Azure Monitor a
 3. **Verify that the agent is running**:  
     1. Check if the agent is emitting heartbeat logs to Log Analytics workspace using the query below. Skip if 'Custom Metrics' is the only destination in the DCR:
         ```Kusto
-        Heartbeat | where Category == "Azure Monitor Agent" and 'Computer' == "<computer-name>" | take 10
+        Heartbeat | where Category == "Azure Monitor Agent" and Computer == "<computer-name>" | take 10
         ```
     2. If not, open Task Manager and check if 'MonAgentCore.exe' process is running. If it is, wait for 5 minutes for heartbeat to show up.  
     3. If not, check if you see any errors in core agent logs located at `C:\WindowsAzure\Resources\AMADataStore.<virtual-machine-name>\Configuration` on your machine  
 
@@ -6,7 +6,7 @@ ms.author: edbaynash
 ms.service: azure-monitor
 ms.topic: how-to
 ms.reviewer: lualderm
-ms.date: 08/16/2023
+ms.date: 09/02/2024
 
 #Customer intent: As a dev-ops administrator I want to migrate my retention setting from diagnostic setting retention storage to Azure Storage lifecycle management so that it continues to work after the feature has been deprecated.
 ---
@@ -23,43 +23,41 @@ For logs sent to a Log Analytics workspace, retention is set for each table on t
 > - March 31, 2023 –  The Diagnostic Settings Storage Retention feature will no longer be available to configure new retention rules for log data. This includes using the portal, CLI PowerShell, and ARM and Bicep templates.  If you have configured retention settings, you'll still be able to see and change them in the portal. 
 > - September 30, 2025 –  All retention functionality for the Diagnostic Settings Storage Retention feature will be disabled across all environments.
 
-
-
 ## Prerequisites
 
 An existing diagnostic setting logging to a storage account.
 
-## Migration Procedures
-
+## Migration procedures
 
 ## [Azure portal](#tab/portal)
+
 To migrate your diagnostics settings retention rules, follow the steps below:
 
 1. Go to the Diagnostic Settings page for your logging resource and locate the diagnostic setting you wish to migrate
 1. Set the retention for your logged categories to *0*
 1. Select **Save**
- :::image type="content" source="./media/retention-migration/diagnostics-setting.png" alt-text="A screenshot showing a diagnostics setting page.":::
+ :::image type="content" source="./media/retention-migration/diagnostics-setting.png"  lightbox="./media/retention-migration/diagnostics-setting.png" alt-text="A screenshot showing a diagnostics setting page.":::
 
 1. Navigate to the storage account you're logging to
 1. Under **Data management**, select **Lifecycle Management** to view or change lifecycle management policies
 1. Select List View, and select **Add a rule**
-:::image type="content" source="./media/retention-migration/lifecycle-management.png" alt-text="A screenshot showing the lifecycle management screen for a storage account.":::
+:::image type="content" source="./media/retention-migration/lifecycle-management.png" lightbox="./media/retention-migration/lifecycle-management.png" alt-text="A screenshot showing the lifecycle management screen for a storage account.":::
 1. Enter a **Rule name**
 1. Under **Rule Scope**, select **Limit blobs with filters**
 1. Under **Blob Type**, select  **Append Blobs** and **Base blobs** under **Blob subtype**.
 1. Select **Next**
-:::image type="content" source="./media/retention-migration/lifecycle-management-add-rule-details.png" alt-text="A screenshot showing the details tab for adding a lifecycle rule.":::
+:::image type="content" source="./media/retention-migration/lifecycle-management-add-rule-details.png" lightbox="./media/retention-migration/lifecycle-management-add-rule-details.png" alt-text="A screenshot showing the details tab for adding a lifecycle rule.":::
 
 1. Set your retention time, then select **Next**
-:::image type="content" source="./media/retention-migration/lifecycle-management-add-rule-base-blobs.png" alt-text="A screenshot showing the Base blobs tab for adding a lifecycle rule.":::
+:::image type="content" source="./media/retention-migration/lifecycle-management-add-rule-base-blobs.png" lightbox="./media/retention-migration/lifecycle-management-add-rule-base-blobs.png" alt-text="A screenshot showing the Base blobs tab for adding a lifecycle rule.":::
 
 1. On the **Filters** tab, under **Blob prefix** set path or prefix to the container or logs you want the retention rule to apply to.   The path or prefix can be at any level within the container and will apply to all blobs under that path or prefix.
-For example, for *all* insight activity logs, use the container *insights-activity-logs* to set the retention for all of the log in that container logs.  
+For example, for *all* insight activity logs, use the container *insights-activity-logs* to set the retention for all of the logs in that container.  
 To set the rule for a specific webapp app, use *insights-activity-logs/ResourceId=/SUBSCRIPTIONS/\<your subscription Id\>/RESOURCEGROUPS/\<your resource group\>/PROVIDERS/MICROSOFT.WEB/SITES/\<your webapp name\>*. 
 
     Use the Storage browser to help you find the path or prefix.   
-    The example below shows the prefix for a specific web app: **insights-activity-logs/ResourceId=/SUBSCRIPTIONS/d05145d-4a5d-4a5d-4a5d-5267eae1bbc7/RESOURCEGROUPS/rg-001/PROVIDERS/MICROSOFT.WEB/SITES/appfromdocker1*.  
-    To set the rule for all resources in the resource group, use *insights-activity-logs/ResourceId=/SUBSCRIPTIONS/d05145d-4a5d-4a5d-4a5d-5267eae1bbc7/RESOURCEGROUPS/rg-001*.
+    The example below shows the prefix for a specific web app: **insights-activity-logs/ResourceId=/SUBSCRIPTIONS/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e/RESOURCEGROUPS/rg-001/PROVIDERS/MICROSOFT.WEB/SITES/appfromdocker1*.  
+    To set the rule for all resources in the resource group, use *insights-activity-logs/ResourceId=/SUBSCRIPTIONS/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e7/RESOURCEGROUPS/rg-001*.
     :::image type="content" source="./media/retention-migration/blob-prefix.png" alt-text="A screenshot showing the Storage browser and resource path." lightbox="./media/retention-migration/blob-prefix.png":::
 
 1. Select **Add** to save the rule.
@@ -68,7 +66,7 @@ To set the rule for a specific webapp app, use *insights-activity-logs/ResourceI
 
 ## [CLI](#tab/cli)
 
-Use the [az storage account management-policy create](/cli/azure/storage/account/management-policy#az-storage-account-management-policy-create) command to create a lifecycle management policy. You must still set the retention in your diagnostic settings to *0*. See the Azure portal section above for more information.
+Use the [az storage account management-policy create](/cli/azure/storage/account/management-policy#az-storage-account-management-policy-create) command to create a lifecycle management policy. You must still set the retention in your diagnostic settings to *0*. For more information, see the migration procedures for the Azure Portal.
 
 
 
@@ -99,7 +97,7 @@ The sample policy definition file below sets the retention for all blobs in the
             "appendBlob"
           ],
           "prefixMatch": [
-            "insights-activity-logs/ResourceId=/SUBSCRIPTIONS/ABCD1234-5849-ABCD-1234-9876543210AB"
+            "insights-activity-logs/ResourceId=/SUBSCRIPTIONS/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e"
           ]
         }
       }
@@ -114,15 +112,15 @@ The sample policy definition file below sets the retention for all blobs in the
 
 ## [Templates](#tab/templates)
 
-Apply the following template to create a lifecycle management policy. You must still set the retention in your diagnostic settings to *0*. See the Azure portal section above for more information.
+Apply the following template to create a lifecycle management policy. You must still set the retention in your diagnostic settings to *0*. For more information, see the migration procedures for the Azure Portal.
 
 ```azurecli
 
 az deployment group create  --resource-group <resource group name> --template-file <template file>
 
 ```
 
-The following template sets the retention for storage account *azmonstorageaccount001* for all blobs in the container *insights-activity-logs* for all resources for the subscription ID *ABCD1234-5849-ABCD-1234-9876543210AB*.
+The following template sets the retention for storage account *azmonstorageaccount001* for all blobs in the container *insights-activity-logs* for all resources for the subscription ID *aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e*.
 
 ```json
 {
@@ -153,7 +151,7 @@ The following template sets the retention for storage account *azmonstorageaccou
                                         "appendBlob"
                                     ],
                                     "prefixMatch": [
-                                        "insights-activity-logs/ResourceId=/SUBSCRIPTIONS/ABCD1234-5849-ABCD-1234-9876543210AB"
+                                        "insights-activity-logs/ResourceId=/SUBSCRIPTIONS/aaaa0a0a-bb1b-cc2c-dd3d-eeeeee4e4e4e"
                                     ]
                                 }
                             }
 
@@ -19,6 +19,7 @@ All custom tables created with or migrated to the [Logs ingestion API](logs-inge
 | Service | Table |
 |:---|:---|
 | Azure Active Directory | [AADDomainServicesDNSAuditsGeneral](/azure/azure-monitor/reference/tables/AADDomainServicesDNSAuditsGeneral)<br> [AADDomainServicesDNSAuditsDynamicUpdates](/azure/azure-monitor/reference/tables/AADDomainServicesDNSAuditsDynamicUpdates)<br>[AADManagedIdentitySignInLogs](/azure/azure-monitor/reference/tables/AADManagedIdentitySignInLogs)<br>[AADNonInteractiveUserSignInLogs](/azure/azure-monitor/reference/tables/AADNonInteractiveUserSignInLogs)<br>[AADServicePrincipalSignInLogs](/azure/azure-monitor/reference/tables/AADServicePrincipalSignInLogs) <br>[ADFSSignInLogs](/azure/azure-monitor/reference/tables/ADFSSignInLogs) |
+| Azure Cache for Redis | [ACREntraAuthenticationAuditLog](/azure/azure-monitor/reference/tables/ACREntraAuthenticationAuditLog) |
 | Azure Load Balancing | [ALBHealthEvent](/azure/azure-monitor/reference/tables/ALBHealthEvent) |
 | Azure Databricks | [DatabricksBrickStoreHttpGateway](/azure/azure-monitor/reference/tables/databricksbrickstorehttpgateway)<br>[DatabricksDataMonitoring](/azure/azure-monitor/reference/tables/databricksdatamonitoring)<br>[DatabricksFilesystem](/azure/azure-monitor/reference/tables/databricksfilesystem)<br>[DatabricksDashboards](/azure/azure-monitor/reference/tables/databricksdashboards)<br>[DatabricksCloudStorageMetadata](/azure/azure-monitor/reference/tables/databrickscloudstoragemetadata)<br>[DatabricksPredictiveOptimization](/azure/azure-monitor/reference/tables/databrickspredictiveoptimization)<br>[DatabricksIngestion](/azure/azure-monitor/reference/tables/databricksingestion)<br>[DatabricksMarketplaceConsumer](/azure/azure-monitor/reference/tables/databricksmarketplaceconsumer)<br>[DatabricksLineageTracking](/azure/azure-monitor/reference/tables/databrickslineagetracking)
 | API Management | [ApiManagementGatewayLogs](/azure/azure-monitor/reference/tables/ApiManagementGatewayLogs)<br>[ApiManagementWebSocketConnectionLogs](/azure/azure-monitor/reference/tables/ApiManagementWebSocketConnectionLogs) |
@@ -42,6 +43,7 @@ All custom tables created with or migrated to the [Logs ingestion API](logs-inge
 | DNS Security Policies | [DNSQueryLogs](/azure/azure-monitor/reference/tables/DNSQueryLogs) |
 | Dev Centers | [DevCenterDiagnosticLogs](/azure/azure-monitor/reference/tables/DevCenterDiagnosticLogs)<br>[DevCenterResourceOperationLogs](/azure/azure-monitor/reference/tables/DevCenterResourceOperationLogs)<br>[DevCenterBillingEventLogs](/azure/azure-monitor/reference/tables/DevCenterBillingEventLogs) |
 | Data Transfer | [DataTransferOperations](/azure/azure-monitor/reference/tables/DataTransferOperations) |
+| Event Grid Namespaces | [EGNSuccessfulHttpDataPlaneOperations](/azure/azure-monitor/reference/tables/EGNSuccessfulHttpDataPlaneOperations)<br>[EGNFailedHttpDataPlaneOperations](/azure/azure-monitor/reference/tables/EGNFailedHttpDataPlaneOperations)|
 | Event Hubs | [AZMSArchiveLogs](/azure/azure-monitor/reference/tables/AZMSArchiveLogs)<br>[AZMSAutoscaleLogs](/azure/azure-monitor/reference/tables/AZMSAutoscaleLogs)<br>[AZMSCustomerManagedKeyUserLogs](/azure/azure-monitor/reference/tables/AZMSCustomerManagedKeyUserLogs)<br>[AZMSKafkaCoordinatorLogs](/azure/azure-monitor/reference/tables/AZMSKafkaCoordinatorLogs)<br>[AZMSKafkaUserErrorLogs](/azure/azure-monitor/reference/tables/AZMSKafkaUserErrorLogs) |
 | Firewalls | [AZFWFlowTrace](/azure/azure-monitor/reference/tables/AZFWFlowTrace) |
 | Health Care APIs | [AHDSMedTechDiagnosticLogs](/azure/azure-monitor/reference/tables/AHDSMedTechDiagnosticLogs)<br>[AHDSDicomDiagnosticLogs](/azure/azure-monitor/reference/tables/AHDSDicomDiagnosticLogs)<br>[AHDSDicomAuditLogs](/azure/azure-monitor/reference/tables/AHDSDicomAuditLogs) |
 
@@ -67,7 +67,7 @@ Microsoft Defender for IoT can automatically monitor some of the recommendations
 
 ## Connection security
 
-- **Use X.509 certificates to authenticate your devices to IoT Hub or IoT Central**: IoT Hub and IoT Central support both X509 certificate-based authentication and security tokens as methods for a device to authenticate. If possible, use X509-based authentication in production environments as it provides greater security. To learn more, see [Authenticating a device to IoT Hub](../iot-hub/iot-hub-dev-guide-sas.md#authenticating-a-device-to-iot-hub) and [Device authentication concepts in IoT Central](../iot-central/core/concepts-device-authentication.md).
+- **Use X.509 certificates to authenticate your devices to IoT Hub or IoT Central**: IoT Hub and IoT Central support both X509 certificate-based authentication and security tokens as methods for a device to authenticate. If possible, use X509-based authentication in production environments as it provides greater security. To learn more, see [Authenticating a device to IoT Hub](../iot-hub/authenticate-authorize-x509.md) and [Device authentication concepts in IoT Central](../iot-central/core/concepts-device-authentication.md).
 
 - **Use Transport Layer Security (TLS) 1.2 to secure connections from devices**: IoT Hub and IoT Central use TLS to secure connections from IoT devices and services. Three versions of the TLS protocol are currently supported: 1.0, 1.1, and 1.2. TLS 1.0 and 1.1 are considered legacy. To learn more, see [Authentication and authorization](iot-overview-device-connectivity.md#authentication).
 
@@ -85,7 +85,7 @@ Microsoft Defender for IoT can automatically monitor some of the recommendations
 
 - **Protect cloud credentials**: An attacker can use the cloud authentication credentials you use to configure and operate your IoT deployment to gain access to and compromise your IoT system. Protect the credentials by changing the password frequently, and don't use these credentials on public machines.
 
-- **Define access controls for your IoT hub**: Understand and define the type of access that each component in your IoT Hub solution needs based on the required functionality. There are two ways you can grant permissions for the service APIs to connect to your IoT hub: [Microsoft Entra ID](../iot-hub/iot-hub-dev-guide-azure-ad-rbac.md) or [Shared Access signatures](../iot-hub/iot-hub-dev-guide-sas.md).
+- **Define access controls for your IoT hub**: Understand and define the type of access that each component in your IoT Hub solution needs based on the required functionality. There are two ways you can grant permissions for the service APIs to connect to your IoT hub: [Microsoft Entra ID](../iot-hub/authenticate-authorize-azure-ad.md) or [Shared Access signatures](../iot-hub/authenticate-authorize-sas.md). If possible, use Microsoft Entra ID in production environments as it provides greater security.
 
 - **Define access controls for your IoT Central application**: Understand and define the type of access that you enable for your IoT Central application. To learn more, see: