Search for an Uploaded File · SFTP Gateway Support

TLDR - Quick Summary

What: Search for specific uploaded file in Azure Log Analytics

Query: AzureDiagnostics | where Message contains "your_filename_here"

Filter by time: Add | where TimeGenerated > ago(24h)

Overview

Azure Log Analytics Workspace provides logging and query capabilities to monitor and analyze SFTP file transfer events. Using Azure Monitor and Kusto Query Language (KQL), you can search for a specific file that was uploaded to an Azure SFTP server.

Steps to Search for an Uploaded File in Azure Log Analytics Workspace

Access Log Analytics Workspace:

Navigate to the Azure Portal.
Open Monitor > Logs.
Select the relevant Log Analytics Workspace where SFTP logs are stored.

Locate the Correct Log Table:

Azure SFTP logs are typically stored in AzureDiagnostics or a custom table configured for SFTP events.
Click on Tables and browse to find the relevant log source.

Run a Query to Search for the File Name:

Enter the following KQL query in the Query Editor:

AzureDiagnostics
| where Message contains "your_filename_here"

Replace your_filename_here with the exact name of the file you are searching for.

Refine Your Search (Optional):

Filter by time range:

AzureDiagnostics
| where Message contains "your_filename_here"
| where TimeGenerated > ago(24h)

Filter by user (if user metadata is available):

AzureDiagnostics
| where User == "specific_user"

View and Analyze Results:

The logs will display events related to the specified file, including timestamps, transfer details, and user activity.

Additional Considerations

User Activity: If you need to track which user uploaded the file, ensure user metadata is being logged.
Exporting Logs: You can export search results to Azure Storage, Power BI, or other tools for further analysis.
Alerts & Notifications: Set up Azure Monitor Alerts to notify you when a file matching specific criteria is uploaded.