Matt Craddock

Additional logs to investigate: - Network events - Firewall logs - NSG logs - Service logs - Containers - apricot - guac user sync - Nexus allowlist - Gitea -...

Logging from container instances https://learn.microsoft.com/en-us/azure/container-instances/monitor-azure-container-instances > Log Analytics workspaces provide a centralized location for storing and querying log data not only from Azure resources, but also on-premises resources and resources...

- Can't enable LogAnalytics/Diagnostic settings directly on the Entra tenants we use, since these features require a subscription on the tenant - Simplest solution probably just to direct people to...

One complexity is that network flow logs require a Network Watcher. There is only one network watcher per region per subscription, which by default gets automatically created when any virtual...

> Looks like [virtual network flow logs](https://learn.microsoft.com/en-us/azure/network-watcher/vnet-flow-logs-overview) are the new thing (NSG flow logs deprecated from 2027). Not sure if they are any easier to use though. Also won't be...

> Looks like there isn't anything useful we can get out of the virtual networks/NSGs. > > Metrics are not supported by log analytics, and @craddm noted an issue with...

> > flow logs should keep track of things like network traffic (source and destinations) and how the NSG rules are being applied > > I think that is what...

Original error message 

This may be because of running the deployment from Powershell, which sets environment variables differently. I did not encounter this error when running from bash on a Linux Azure VM

> > This may be because of running the deployment from Powershell, which sets environment variables differently. I did not encounter this error when running from bash on a Linux...