remove-azdiagnosticsetting powershell script code example

Example: remove-azdiagnosticsetting powershell script

<#
.Synopsis
A script used to remove the Diagnostic Settings for a particular Azure Resource

.DESCRIPTION
A script used to remove the Diagnostic Settings for a particular Azure Resource,
As part of the removal process, the report will log the following information:
    - Diagnostic Settings Name
    - Azure Resource Name
    - Removal Status
    - Storage account Name
    - Log Analytics Workspace
    - Event Hub Namespace

.Notes
Created   : 2020-11-30
Version   : 1.0
Author    : Charbel Nemnom
Twitter   : @CharbelNemnom
Blog      : https://charbelnemnom.com
Disclaimer: This script is provided "AS IS" with no warranties.
#>

#! Login with Connect-AzAccount if NOT using Cloud Shell
Connect-AzAccount

#! Enter Azure Resource Type
Do { $resourceType = Read-Host "`nEnter the Azure Resource Type as the following example: applicationgateways " } `
while (!$resourceType)

#! Get all Azure Subscriptions
$azSubs = Get-AzSubscription

#! Loop through all Azure Subscriptions
foreach ($azSub in $azSubs) {
    Set-AzContext $azSub.id | Out-Null

    #! Set array
    $azlogs = @()

    #! Get all Azure resources deployed in each Subscription for a particular Resource Type
    $azResources = Get-AZResource | Where-Object {$_.ResourceType.split('/')[-1] -eq "$resourceType"}

    #! Get all Azure resources which have Diagnostic settings enabled for a particular resource Type
    foreach ($azResource in $azResources) {
        $resourceId     = $azResource.ResourceId
        $azDiagSettings = Get-AzDiagnosticSetting -ResourceId $resourceId | Where-Object {$_.Id -ne $NULL}
        foreach ($azDiag in $azDiagSettings) {
            If ($azDiag.StorageAccountId) {
                [string]$storage = $azDiag.StorageAccountId
                [string]$storageAccount = $storage.Split('/')[-1]
            }
            If ($azDiag.WorkspaceId) {
                [string]$workspace = $azDiag.WorkspaceId
                [string]$logAnalytics = $workspace.Split('/')[-1]
            }
            If ($azDiag.EventHubAuthorizationRuleId) {
                [string]$eHub = $azDiag.EventHubAuthorizationRuleId
                [string]$eventHub = $eHub.Split('/')[-3]
            }
            #! Remove diagnostic settings for the particular resource
            [string]$azDiagid = $azdiag.id -replace "(?=/providers/microsoft.insights).*"
            $removeDiag = Remove-AzDiagnosticSetting -ResourceId $azDiagid -Name $azDiag.Name
             if (!$removeDiag) {
                $removeDiag = New-Object pscustomobject
                $removeDiag | Add-Member -NotePropertyName StatusCode -NotePropertyValue "ErrorResponseException"
            }
            #! Create log
            $azlogs +=  @($("Diagnostic setting name: " + $azDiag.Name), ("Azure Resource name: " + $azResource.Name), `
                         ("Removal Status: " + $removeDiag.StatusCode), ("Storage Account Name: " + $storageAccount), `
                         ("Log Analytics workspace: " + $logAnalytics), ("Event Hub Namespace: " + $eventHub) )
            $azlogs += @(" ")
        }
    }
        #! Save remove Diagnostic settings report for each Azure Subscription
        $azSubName = $azSub.Name
        $azlogs > .\$azSubName.txt
}

Tags:

Misc Example

Recent Posts