Microsoft Azure Solutions Architect Expert AZ-305 Practice Question
Contoso manages about 20 Azure subscriptions that belong to different business units. You must design a centralized logging architecture with the following requirements: collect all platform and resource diagnostic logs from every subscription in a single location; allow operations engineers to run Kusto queries and create alert rules across all data; retain logs for at least 24 months; enable future onboarding of Microsoft Sentinel with minimal reconfiguration. What should you recommend?
Connect Azure Monitor Managed Grafana to each subscription and create dashboards and metric alerts; rely on Grafana for cross-subscription queries and long-term visualization.
Enable continuous export of activity and diagnostic logs to a single Azure Storage account with lifecycle management moving data to archive after 90 days. Query the data using Azure Synapse serverless SQL pools.
Forward subscription activity logs to an Azure Event Hub and use Azure Stream Analytics to write the events into an Azure Cosmos DB container configured with a two-year time-to-live policy.
Deploy a dedicated Log Analytics workspace in a management subscription. Configure diagnostic settings in each subscription to stream activity and resource logs to this workspace and set its retention to 730 days.
A single Log Analytics workspace can ingest activity logs and diagnostic logs from resources that reside in any Azure subscription, letting operators run Kusto queries and define cross-workspace alert rules in Azure Monitor. The workspace retention period is configurable up to 730 days (24 months) and Microsoft Sentinel relies on such a workspace, so no redesign is required for later SIEM enablement. Exporting to Azure Storage would meet retention but lacks native Kusto query and alert capabilities and would complicate Sentinel onboarding. Routing logs through Event Hub to Cosmos DB adds unnecessary components and administrative overhead while still not providing built-in analytics. Azure Monitor Managed Grafana focuses on metrics visualization; it neither stores logs nor offers long-term retention, so it cannot satisfy the stated requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a Log Analytics workspace in Azure?
Open an interactive chat with Bash
What is Kusto Query Language (KQL)?
Open an interactive chat with Bash
Why is Microsoft Sentinel a good fit for centralized logging?
Open an interactive chat with Bash
Microsoft Azure Solutions Architect Expert AZ-305
Design identity, governance, and monitoring solutions
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .