Added the requested changes to --> PR - UserStory30177-Monitoring-LogAnalytics

docs/content/services/monitoring/log-analytics/_index.md

@@ -20,6 +20,7 @@ The below table shows the list of resiliency recommendations for Log Analytics a
 | [LOG-2 - Link Log Analytics Workspace to an Availability Zone enabled dedicated cluster](#log-2---link-log-analytics-workspace-to-an-availability-zone-enabled-dedicated-cluster) | Medium  | Preview |         Yes          |
 | [LOG-3 - Configure data collection to send critical data to multiple workspaces in different regions](#log-3---configure-data-collection-to-send-critical-data-to-multiple-workspaces-in-different-regions) | Medium  | Preview  |         No         |
 | [LOG-4 - Create a health status alert rule for your Log Analytics workspace](#log-4---create-a-health-status-alert-rule-for-your-log-analytics-workspace) | Low  | Preview  |         No         |
+| [LOG-5 - Configure minimal logging and retention of logs](#log-5---configure-minimal-logging-and-retention-of-logs) | Low  | Preview  |         Yes         |
 {{< /table >}}
 
 {{< alert style="info" >}}
@@ -129,3 +130,31 @@ A health status alert will proactively notify you if a workspace becomes unavail
 {{< /collapse >}}
 
 <br><br>
+
+### LOG-5 - Configure minimal logging and retention of logs
+
+**Category: Monitoring**
+
+**Impact: Low**
+
+**Guidance**
+
+ Azure Monitor Logs automatically retains log data for a specific period of time depending on the data type (for example, 31 days for platform logs and metrics). However, you may need to retain your data for longer periods for compliance or business reasons. You can configure the data retention settings based on your requirements.
+
+ For long-term storage, it might be necessary to move logs from Azure Monitor to a more cost-effective storage solution, such as Azure Blob Storage. This allows you to keep logs for an extended period of time without incurring high costs.
+
+**Resources**
+
+- [Data retention and archive in Azure Monitor Logs](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/data-retention-archive?tabs=portal-1%2Cportal-2)
+- [Run search jobs in Azure Monitor](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/search-jobs?tabs=portal-1%2Cportal-2)
+- [Restore logs in Azure Monitor](https://learn.microsoft.com/en-us/azure/azure-monitor/logs/restore?tabs=api-1)
+
+**Resource Graph Query/Scripts**
+
+{{< collapse title="Show/Hide Query/Script" >}}
+
+{{< code lang="sql" file="code/log-5/log-5.kql" >}} {{< /code >}}
+
+{{< /collapse >}}
+
+<br><br>

docs/content/services/monitoring/log-analytics/code/log-5/log-5.kql

@@ -0,0 +1,6 @@
+//Configure minimal logging and retention of logs.
+//Query to get the list of Log analytics workspaces and their current configured retention period
+resources
+| where type == "microsoft.operationalinsights/workspaces"
+| extend RetentionPeriod = tostring(properties.retentionInDays), SkuName=tostring(properties.sku.name)
+| project recommendationId="log-5", name,location,resourceGroup,RetentionPeriod,SkuName,subscriptionId