ExpertAZ-305 · Question 06 · Domain 1.1: Logging and Monitoring
Contoso Ltd has 50 Azure subscriptions managed via a complex Management Group hierarchy. They are designing a centralized monitoring solution using Azure Monitor and Log Analytics.
The security team requires strict isolation of security logs, accessible only by the SOC team. The application teams require access to their own performance and application logs. You need to design the Log Analytics workspace architecture to minimize administrative overhead while meeting these access requirements.
Which architecture should you recommend?
Contoso Ltd has 50 Azure subscriptions managed via a complex Management Group hierarchy. They are designing a centralized monitoring solution using Azure Monitor and Log Analytics.
The security team requires strict isolation of security logs, accessible only by the SOC team. The application teams require access to their own performance and application logs. You need to design the Log Analytics workspace architecture to minimize administrative overhead while meeting these access requirements.
Which architecture should you recommend?
Answer options:
A single centralized Log Analytics workspace with workspace-context access mode.
A single centralized Log Analytics workspace with resource-context access mode.
One workspace for security logs and one workspace per application team.
One workspace per subscription with diagnostic settings forwarding to a central storage account.
How to approach this question
Full Answer
Common mistakes
Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 4
55 questions · hints · full answers · grading