Microsoft Azure Solutions Architect Expert AZ-305 Practice Question
Your company has 50 Azure subscriptions organized under a single management-group hierarchy. All Azure Activity logs and resource diagnostic logs must be collected centrally. Security requires interactive Kusto queries for the most recent 90 days of data and the ability to retain and query all raw log data for at least three years at minimal cost. The design must also make it easy to onboard future subscriptions. What should you recommend?
Create a dedicated Log Analytics workspace in a central subscription. Use diagnostic settings on each subscription to send Activity and resource logs to the workspace, set workspace retention to 90 days, and enable the Azure Monitor archive tier for three-year retention.
Deploy a single Event Hubs namespace at the root management group, stream logs from all subscriptions, and use Azure Stream Analytics to write the data to an Azure SQL Database that has three-year point-in-time restore configured.
Enable an Azure Monitor Private Link Scope in each subscription and use Azure Monitor workbooks to aggregate queries, relying on the default 365-day log retention.
Configure an Azure Storage account in every subscription, stream all logs to the account, and move blobs to Cool tier with lifecycle rules for three-year retention.
A single Log Analytics workspace in a central subscription can receive Activity and resource diagnostic logs from any subscription by using subscription-level diagnostic settings or management-group-level policy. Setting the workspace's retention period to 90 days keeps recent data in hot storage for fast Kusto queries. Enabling the Azure Monitor archive tier on the same tables stores older data for up to seven years at a much lower cost while still allowing search or restore queries within minutes. Separate storage accounts, SQL databases, or workbooks either add management overhead, increase cost, or do not meet the three-year retention and query requirements.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the Azure Monitor archive tier?
Open an interactive chat with Bash
How do subscription-level diagnostic settings work in Azure?
Open an interactive chat with Bash
What is a Log Analytics workspace used for?
Open an interactive chat with Bash
Microsoft Azure Solutions Architect Expert AZ-305
Design identity, governance, and monitoring solutions
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .