Search for an Uploaded File in AWS CloudWatch
Overview
Azure Log Analytics Workspace provides logging and query capabilities to monitor and analyze SFTP file transfer events. Using Azure Monitor and Kusto Query Language (KQL), you can search for a specific file that was uploaded to an Azure SFTP server.
Steps to Search for an Uploaded File in Azure Log Analytics Workspace
- Access Log Analytics Workspace:
- Navigate to the Azure Portal.
- Open Monitor > Logs.
- Select the relevant Log Analytics Workspace where SFTP logs are stored.
- Locate the Correct Log Table:
- Azure SFTP logs are typically stored in AzureDiagnostics or a custom table configured for SFTP events.
- Click on Tables and browse to find the relevant log source.
- Run a Query to Search for the File Name:
- Enter the following KQL query in the Query Editor:
AzureDiagnostics
| where Message contains "your_filename_here"
- Replace your_filename_here with the exact name of the file you are searching for.
- Refine Your Search (Optional):
- Filter by time range:
AzureDiagnostics
| where Message contains "your_filename_here"
| where TimeGenerated > ago(24h)
- Filter by user (if user metadata is available):
AzureDiagnostics
| where User == "specific_user"
- View and Analyze Results:
- The logs will display events related to the specified file, including timestamps, transfer details, and user activity.
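The three filters from the steps above combined into one query, as an added example that is not part of the original page. It assumes the same AzureDiagnostics table and the Message and User columns used in the queries above; UploadUser, file_name, uploader and lookback are names introduced here for illustration.

```kql
// Added example: file name, time range and user filters in one query.
// The values below are the page's placeholders; replace them before running.
let file_name = "your_filename_here";
let uploader  = "specific_user";   // set to "" to skip the user filter
let lookback  = 24h;
AzureDiagnostics
// Restrict the time window first so the text search scans fewer rows.
| where TimeGenerated > ago(lookback)
// contains is a case-insensitive substring match, so a short file name
// also matches longer names that include it.
| where Message contains file_name
// column_ifexists returns "" when the table has no User column, so the
// query still runs when user metadata is not being logged.
| extend UploadUser = tostring(column_ifexists("User", ""))
| where isempty(uploader) or UploadUser == uploader
| project TimeGenerated, UploadUser, Message
| sort by TimeGenerated desc
```

If user metadata is not logged and uploader is set, the query returns no rows; clear uploader to see the matching file events without the user filter.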
Additional Considerations
- User Activity: If you need to track which user uploaded the file, ensure user metadata is being logged.
- Exporting Logs: You can export search results to Azure Storage, Power BI, or other tools for further analysis.
- Alerts & Notifications: Set up Azure Monitor Alerts to notify you when a file matching specific criteria is uploaded.