developers

Ship your Auth0 logs to Azure Log Analytics

Learn about the main features of Azure Log Analytics and how you can integrate it with Auth0

Apr 13, 20175 min read


This article is deprecated.

The custom extension described in this post no longer works as expected. If you're interested in integrating Azure Log Analytics with Auth0, we recommend you use the "Auth0 Logs to Azure Blob Storage" extension, maintained by Auth0, and then follow the instructions in this blog post from Azure for integrating stored logs with Azure Log Analytics.

TL;DR: In this article, you will learn how to integrate Auth0 with Azure Log Analytics, ship your logs automatically, and analyze them later on your OMS Portal.


The need for logging is probably as old as computers, and its importance has grown hand in hand with the complexity of distributed architectures.

It is common nowadays for applications and platforms to span multiple servers, service instances, languages, and even technologies. Keeping the status and logs of every part becomes a challenge.

If you are an architect or in charge of the infrastructure of a platform, you might discover that each team is defining their own logging pipeline, different from the rest. This leads to a disconnected scenario where tracking a single problem across modules becomes a daunting and almost impossible task.

You need a single, reliable, and performant service where you can store all your logs, no matter what their origin is, and query them afterward to create knowledge. This service needs to understand a universal format that can be implemented by all of your teams, no matter what technology they use.

Azure Log Analytics to the rescue

Azure Log Analytics is a logging-as-a-service solution that can help you collect and analyze data from your cloud or on-premises sources. These sources can be anything from a local server, monitored by an agent, to a custom Web app written on Python running on Amazon Web Services, using the HTTP DataCollector API. If you think about it, this actually covers any kind of hardware/OS monitoring in an enterprise and any software service in one solution. You could trace a problem originating in your OS and follow it across your different applications' logs, all in the same screen. Wouldn't that be awesome?

Log Analytics offers a powerful querying engine that indexes every attribute of your logs and lets you navigate through log records in a breeze.

Azure Log Analytics queries

You can even create custom dashboards to summarize information.

Azure Log Analytics custom dashboard

Creating alerts and webhooks that respond to log changes lets you take proactive actions and respond by triggering a custom flow of actions.

Azure Log Analytics alerts and webhooks

Finally, the pricing model is quite flexible. It even has a free tier that holds your data for seven days with a 500MB daily collection limit. The price can scale as your volume of data increases following the cloud paradigm of pay-as-you-go.

Integrating Auth0 with Log Analytics

As I mentioned in the previous section, Azure Log Analytics has an HTTP DataCollector API, which ingests logs using JSON. This widely used format lets you send logs from practically anywhere, including any piece of software you might be building (or have built).

Particularly, Auth0 handles your account's logs in the same format and exposes them through the Management API. These logs include the interactions your users have with your application, such as logins, and internal operations, such as grants or configuration changes.

To obtain and send these logs to Azure Log Analytics, we can use extensions that run on a continuous schedule. In this article, we'll be using a custom extension that is already available to achieve it.

Creating our Log Analytics service

We can create a free service through the Azure Portal.

Azure portal experience

Once it's provisioned, we'll be able to access the OMS Portal through the newly created instance.

Azure portal experience

In the OMS Portal, go to the Settings charm on the top right menu and open the Connected Sources section to obtain your Workspace ID and Workspace Key.

Setting charm

Obtaining your Workspace credentials

Configuring your Auth0 extension

In the Auth0 Dashboard, go to the Extensions section and click on CREATE EXTENSION.

Enter the extension's Github repository: https://github.com/ealsur/auth0-loganalytics-extension

And provide the required information:

  • LOGANALYTICS_WORKSPACEID: The Workspace ID you obtained in the OMS Portal.
  • LOGANALYTICS_WORKSPACEKEY: The Workspace Key you obtained in the OMS Portal.
  • LOGANALYTICS_NAMESPACE: A text identifier that will be used to group all log records coming from Auth0.
  • LOGANALYTICS_APIVERSION: Optional parameter to specify the API version you want to use. It defaults to the latest.

Once those parameters are set, the extension will start shipping logs on the predefined schedule.

Installed extensions

After a few minutes, you will be able to query and start obtaining information from your logs and create dashboards and alerts.

Auth0 logs showing in Log Analytics

Aside: Securing Applications with Auth0

Are you building a B2C, B2B, or B2E tool? Auth0, can help you focus on what matters the most to you, the special features of your product. Auth0 can improve your product's security with state-of-the-art features like passwordless, breached password surveillance, and multifactor authentication.

We offer a generous free tier so you can get started with modern authentication.

Conclusion

Log Analytics is a very flexible and reliable service that can be used to store and query logs from not only your Auth0 account, but all your other applications, servers, and services, in one place, create awesome dashboards, and maintain alert flows that will let you visualize and maintain your entire company or product on check.