diff --git a/README.md b/README.md
index a3fab85..fbae037 100644
--- a/README.md
+++ b/README.md
@@ -22,6 +22,11 @@ provider "azurerm" {
 features {}
 }
+data "azurerm_log_analytics_workspace" "example" {
+ name = "loganalytics-we-sharedtest2"
+ resource_group_name = "rg-shared-westeurope-01"
+}
+
 module "firewall" {
 source = "kumarvna/firewall/azurerm"
 version = "1.1.0"
@@ -97,9 +102,9 @@ module "firewall" {
 },
 ]
- # (Optional) To enable Azure Monitoring for Azure MySQL database
- # (Optional) Specify `storage_account_name` to save monitoring logs to storage.
- log_analytics_workspace_name = "loganalytics-we-sharedtest2"
+ # (Optional) To enable Azure Monitoring and diagnostics to firewall and public ip's
+ # (Optional) Specify `storage_account_name` to save monitoring logs to storage.
+ log_analytics_workspace_id = data.azurerm_log_analytics_workspace.example.id
 # Adding TAG's to your Azure resources
 tags = {
@@ -223,10 +228,8 @@ Name | Description | Type | Default
 `resource_group_name`|The name of an existing resource group.|string|`""`
 `location`|The location for all resources while creating a new resource group.|string|`""`
 `virtual_network_name`|The name of the virtual network|string|`""`
-`storage_account_name`|The name of the storage account name|string|`null`
-`log_analytics_workspace_name`|The name of log analytics workspace name|string|`null`
 `firewall_subnet_address_prefix`|The address prefix to use for the Firewall subnet.The Subnet used for the Firewall must have the name `AzureFirewallSubnet` and the subnet mask must be at least a `/26`.|list|`[]`
-`firewall_management_subnet_address_prefix`|The address prefix to use for Firewall managemement subnet to enable forced tunnelling. The Management Subnet used for the Firewall must have the name `AzureFirewallManagementSubnet` and the subnet mask must be at least a `/26`.
+`firewall_management_subnet_address_prefix`|The address prefix to use for Firewall managemement subnet to enable forced tunnelling. The Management Subnet used for the Firewall must have the name `AzureFirewallManagementSubnet` and the subnet mask must be at least a `/26`.|list|`[]`
 `public_ip_prefix_length`|Specifies the number of bits of the prefix. The value can be set between `0` (4,294,967,296 addresses) and `31` (2 addresses).|number|`31`
 `public_ip_names`|Public ips is a list of ip names that are connected to the firewall. At least one is required|list|`["fw-public"]`
 `firewall_service_endpoints`|Service endpoints to add to the firewall subnet|list|`["Microsoft.AzureActiveDirectory", "Microsoft.AzureCosmosDB", "Microsoft.EventHub", "Microsoft.KeyVault", "Microsoft.ServiceBus", "Microsoft.Sql", "Microsoft.Storage",]`
@@ -236,6 +239,8 @@ Name | Description | Type | Default
 `firewall_application_rules`|Microsoft-managed virtual network that enables connectivity from other resources.|list(object)|`[]`
 `firewall_network_rules`|List of network rules to apply to firewall.|list(object)|`[]`
 `firewall_nat_rules`|List of nat rules to apply to firewall|list(object)|`[]`
+`storage_account_name`|The name of the storage account name|string|`null`
+`log_analytics_workspace_id`|The resource id of log analytics workspace|string|`null`
 `Tags`|A map of tags to add to all resources|map|`{}`
 ## Outputs
diff --git a/examples/complete/README.md b/examples/complete/README.md
index 21f0527..8f35433 100644
--- a/examples/complete/README.md
+++ b/examples/complete/README.md
@@ -10,6 +10,11 @@ provider "azurerm" {
 features {}
 }
+data "azurerm_log_analytics_workspace" "example" {
+ name = "loganalytics-we-sharedtest2"
+ resource_group_name = "rg-shared-westeurope-01"
+}
+
 module "firewall" {
 source = "kumarvna/firewall/azurerm"
 version = "1.1.0"
@@ -85,9 +90,9 @@ module "firewall" {
 },
 ]
- # (Optional) To enable Azure Monitoring for Azure MySQL database
- # (Optional) Specify `storage_account_name` to save monitoring logs to storage.
- log_analytics_workspace_name = "loganalytics-we-sharedtest2"
+ # (Optional) To enable Azure Monitoring and diagnostics to firewall and public ip's
+ # (Optional) Specify `storage_account_name` to save monitoring logs to storage.
+ log_analytics_workspace_id = data.azurerm_log_analytics_workspace.example.id
 # Adding TAG's to your Azure resources
 tags = {
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 35b47af..a6c3079 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -3,6 +3,11 @@ provider "azurerm" {
 features {}
 }
+data "azurerm_log_analytics_workspace" "example" {
+ name = "loganalytics-we-sharedtest2"
+ resource_group_name = "rg-shared-westeurope-01"
+}
+
 module "firewall" {
 source = "kumarvna/firewall/azurerm"
 version = "1.1.0"
@@ -78,9 +83,9 @@ module "firewall" {
 },
 ]
- # (Optional) To enable Azure Monitoring for Azure MySQL database
- # (Optional) Specify `storage_account_name` to save monitoring logs to storage.
- log_analytics_workspace_name = "loganalytics-we-sharedtest2"
+ # (Optional) To enable Azure Monitoring and diagnostics to firewall and public ip's
+ # (Optional) Specify `storage_account_name` to save monitoring logs to storage.
+ log_analytics_workspace_id = data.azurerm_log_analytics_workspace.example.id
 # Adding TAG's to your Azure resources
 tags = {
diff --git a/graph.png b/graph.png
index f1f3571..2aeb826 100644
Binary files a/graph.png and b/graph.png differ
diff --git a/main.tf b/main.tf
index e7d7bdb..016a910 100644
--- a/main.tf
+++ b/main.tf
@@ -40,12 +40,6 @@ resource "azurerm_resource_group" "rg" {
 tags = merge({ "ResourceName" = format("%s", var.resource_group_name) }, var.tags, )
 }
-data "azurerm_log_analytics_workspace" "logws" {
- count = var.log_analytics_workspace_name != null ? 1 : 0
- name = var.log_analytics_workspace_name
- resource_group_name = local.resource_group_name
-}
-
 data "azurerm_storage_account" "storeacc" {
 count = var.storage_account_name != null ? 1 : 0
 name = var.storage_account_name
@@ -250,11 +244,11 @@ resource "azurerm_firewall_policy" "fw-policy" {
 # azurerm monitoring diagnostics - Firewall and Public IP's
 #---------------------------------------------------------------
 resource "azurerm_monitor_diagnostic_setting" "fw-mgnt-pip-diag" {
- count = var.log_analytics_workspace_name != null || var.storage_account_name != null && var.enable_forced_tunneling ? 1 : 0
+ count = var.log_analytics_workspace_id != null || var.storage_account_name != null && var.enable_forced_tunneling ? 1 : 0
 name = lower("fw-${var.firewall_config.name}-mgnt-pip-diag")
 target_resource_id = azurerm_public_ip.fw-mgnt-pip.0.id
 storage_account_id = var.storage_account_name != null ? data.azurerm_storage_account.storeacc.0.id : null
- log_analytics_workspace_id = data.azurerm_log_analytics_workspace.logws.0.id
+ log_analytics_workspace_id = var.log_analytics_workspace_id
 dynamic "log" {
 for_each = var.fw_pip_diag_logs
@@ -284,11 +278,11 @@ resource "azurerm_monitor_diagnostic_setting" "fw-mgnt-pip-diag" {
 }
 resource "azurerm_monitor_diagnostic_setting" "fw-pip-diag" {
- for_each = { for pip in var.public_ip_names : pip => true if var.log_analytics_workspace_name != null || var.storage_account_name != null }
+ for_each = { for pip in var.public_ip_names : pip => true if var.log_analytics_workspace_id != null || var.storage_account_name != null }
 name = lower("fw-${var.firewall_config.name}-${each.key}-pip-diag")
 target_resource_id = azurerm_public_ip.fw-pip[each.key].id
 storage_account_id = var.storage_account_name != null ? data.azurerm_storage_account.storeacc.0.id : null
- log_analytics_workspace_id = data.azurerm_log_analytics_workspace.logws.0.id
+ log_analytics_workspace_id = var.log_analytics_workspace_id
 dynamic "log" {
 for_each = var.fw_pip_diag_logs
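Review bot: The rewritten `count` on `fw-mgnt-pip-diag` keeps an operator-precedence problem rather than just swapping the variable: `&&` binds tighter than `||`, so it evaluates as `var.log_analytics_workspace_id != null || (var.storage_account_name != null && var.enable_forced_tunneling)`, and a caller who sets only the workspace id with forced tunnelling disabled still gets `count = 1`. The next line then indexes `azurerm_public_ip.fw-mgnt-pip.0.id`, which presumably is an empty list in that configuration, since the management IP appears to be conditional on forced tunnelling (its definition is outside the hunk), so the plan fails instead of the diagnostic setting being skipped. Parenthesising the destination test makes the intent explicit: `count = (var.log_analytics_workspace_id != null || var.storage_account_name != null) && var.enable_forced_tunneling ? 1 : 0`. The resource body continues past the hunk.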
@@ -318,11 +312,11 @@ resource "azurerm_monitor_diagnostic_setting" "fw-pip-diag" {
 }
 resource "azurerm_monitor_diagnostic_setting" "fw-diag" {
- count = var.log_analytics_workspace_name != null || var.storage_account_name != null ? 1 : 0
+ count = var.log_analytics_workspace_id != null || var.storage_account_name != null ? 1 : 0
 name = lower("${var.firewall_config.name}-diag")
 target_resource_id = azurerm_firewall.fw.id
 storage_account_id = var.storage_account_name != null ? data.azurerm_storage_account.storeacc.0.id : null
- log_analytics_workspace_id = data.azurerm_log_analytics_workspace.logws.0.id
+ log_analytics_workspace_id = var.log_analytics_workspace_id
 dynamic "log" {
 for_each = var.fw_diag_logs
diff --git a/variables.tf b/variables.tf
index 11be632..761a8d8 100644
--- a/variables.tf
+++ b/variables.tf
@@ -159,8 +159,8 @@ variable "fw_diag_logs" {
 default = ["AzureFirewallApplicationRule", "AzureFirewallNetworkRule", "AzureFirewallDnsProxy"]
 }
-variable "log_analytics_workspace_name" {
- description = "The name of log analytics workspace name"
+variable "log_analytics_workspace_id" {
+ description = "The resource id of log analytics workspace"
 default = null
 }
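Review bot: The renamed `log_analytics_workspace_id` variable in variables.tf declares no `type` and no validation, so a caller still passing the old workspace *name* (the previous variable's contract, and what the deleted `logws` data source used to resolve) is accepted at plan time and only fails when `azurerm_monitor_diagnostic_setting` submits it as a resource id, silently leaving the firewall without a log destination until apply. Adding `type = string` plus a `validation` block that requires the full resource-id form turns that into a plan-time error with a clear message, and the description can say what is expected instead of repeating the name. The `validation` block needs Terraform 0.13 or later, which I cannot confirm from this diff.
```hcl
variable "log_analytics_workspace_id" {
  description = "The full resource ID of the Log Analytics workspace that receives firewall and public IP diagnostics (null disables the workspace destination)"
  type        = string
  default     = null

  validation {
    condition     = var.log_analytics_workspace_id == null || can(regex("^/subscriptions/", var.log_analytics_workspace_id))
    error_message = "log_analytics_workspace_id must be a full Log Analytics workspace resource ID, not a workspace name."
  }
}
```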