Fix office log health & data enrichment workbook for Global Secure Ac…

…cess (microsoft#2416) * Used LogAnalyticWorkspace parameter in Workload, Users, DeviceId, IP parameters --------- Co-authored-by: Daniel Shkolnik <dshkolnik@microsoft.com>
Palciny · Sep 10, 2023 · 91fb0b0 · 91fb0b0
1 parent 82167d3
commit 91fb0b0
Showing 1 changed file with 15 additions and 0 deletions.
diff --git a/...e Log Health and Data Enrichment/Office Log Health and Data Enrichment.workbook b/...e Log Health and Data Enrichment/Office Log Health and Data Enrichment.workbook
@@ -75,6 +75,9 @@
       "type": 9,
       "content": {
         "version": "KqlParameterItem/1.0",
+        "crossComponentResources": [
+          "{LogAnalyticWorkspace}"
+        ],
         "parameters": [
           {
             "id": "ecb6d3c9-d1cf-44cc-a6ee-116c24f01af0",
@@ -116,6 +119,9 @@
             "quote": "'",
             "delimiter": ",",
             "query": "EnrichedMicrosoft365AuditLogs | summarize Count = count() by Workload\r\n| order by Count desc, Workload asc\r\n| project Value = Workload, Label = strcat(Workload, ' - ', Count, ' Logs'), Selected = false",
+            "crossComponentResources": [
+              "{LogAnalyticWorkspace}"
+            ],
             "typeSettings": {
               "additionalResourceOptions": [
                 "value::all"
@@ -142,6 +148,9 @@
             "quote": "'",
             "delimiter": ",",
             "query": "EnrichedMicrosoft365AuditLogs\r\n| summarize Count = count() by UserId\r\n| order by Count desc, UserId asc\r\n| project Value = UserId, Label = strcat(UserId, ' - ', Count, ' Logs'), Selected = false",
+            "crossComponentResources": [
+              "{LogAnalyticWorkspace}"
+            ],
             "typeSettings": {
               "limitSelectTo": 20,
               "additionalResourceOptions": [
@@ -170,6 +179,9 @@
             "quote": "'",
             "delimiter": ",",
             "query": "EnrichedMicrosoft365AuditLogs\r\n| where DeviceId != \"\"\r\n| summarize Count = count() by DeviceId\r\n| order by Count desc, DeviceId asc\r\n| project Value = DeviceId, Label = strcat(DeviceId, ' - ', Count, ' Logs'), Selected = false\r\n",
+            "crossComponentResources": [
+              "{LogAnalyticWorkspace}"
+            ],
             "typeSettings": {
               "limitSelectTo": 20,
               "additionalResourceOptions": [
@@ -198,6 +210,9 @@
             "quote": "'",
             "delimiter": ",",
             "query": "EnrichedMicrosoft365AuditLogs\r\n| summarize Count = count() by SourceIp\r\n| order by Count desc, SourceIp asc\r\n| project Value = SourceIp, Label = strcat(SourceIp, ' - ', Count, ' Logs'), Selected = false",
+            "crossComponentResources": [
+              "{LogAnalyticWorkspace}"
+            ],
             "typeSettings": {
               "limitSelectTo": 20,
               "additionalResourceOptions": [