AzureRM Diagnostic data and OMS Log Analytics – Monitoring across subscriptions

I am trying to collect azure diagnostics data from some resources in Azure on one separate subscription and directory, and ship them to an OMS / log analytics workspace on another subscription / directory.

The account i’m using has access to both organizations, however when I am running the commands to “To enable sending of Diagnostic Logs to a Log Analytics workspace” (as described here)

Set-AzureRmDiagnosticSetting -ResourceId [your resource id] -WorkspaceId [resource id of the log analytics workspace] -Enabled $true

My Commands:

$resourceid = "/subscriptions/e12d538c-xxxx-xxxx-xxxx-e60xxxxx2144/resourceGroups/xxx-xxxx/providers/Microsoft.Cache/Redis/xxxxxxxxxx"
$workspaceid = "/subscriptions/6a9axxxx-8xxx-4xxx-92xx-1bxxxxxx5fc23/resourceGroups/xxxxx-oms-rg/providers/Microsoft.OperationalInsights/workspaces/xxxxxxx"
Set-AzureRmDiagnosticSetting -ResourceId $ResourceId  -WorkspaceId $workspaceId -Enabled $true

I am getting the following error:

Set-AzureRmDiagnosticSetting : The access token is from the wrong issuer ‘‘. It must match the tenant‘ associated with this subscription. Please use the authority (URL) ‘‘ to get the
token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your
subscription and see this error message, please try back later.
At line:1 char:1
+ Set-AzureRmDiagnosticSetting -ResourceId $ResourceId -WorkspaceId $w …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzureRmDiagnosticSetting], CloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Insights.Diagnostics.SetAzureRmDiagnosticSettingCommand


Leave a Reply