/ Log Analytics

Backup Reports from Recovery Services vaults with Log Analytics and Azure Monitor

There is an easy way to send all logs from Recovery Services to our Log Analytics workspace.

Go to Recovery Services vaults and under Monitoring and Reports find Backup Reports.
When you click, a two-step configuration will be introduced, but we'll only take the first step. Click in step one Diagnostic Settings. (You can also navigate to Properties > Diagnostics Settings > Update)

1-1

Turn diagnostic:

2-1

Select Send to Log Analytics option and desired logs to be sent to the workspace. Of course, I chose everything.

3-1

Now just wait around 10 minutes and check your Log Analytics workspace using the query:

AzureDiagnostics | where EventName_s == "AzureBackupCentralReport"

4

You can see that ther is Azure Backup data directly in AzureDiagnostics. To understand better data model please visit https://docs.microsoft.com/en-us/azure/backup/backup-azure-log-analytics-data-model

What else we can do with this data?
Troubleshoot:

AzureDiagnostics | where EventName_s == "AzureBackupCentralReport" 
| where isnotempty(AlertType_s) 
| project TimeGenerated ,AlertType_s , AlertStatus_s, AlertSeverity_s, AlertCode_s, Category, BackupItemUniqueId_s, ResourceGroup

5

Or use the same query to create an alert in the Azure Monitor:

6

Have fun!