Skip to main content
Reach out to Omni support to have audit logs enabled for your instance.
Audit logs are detailed records of the activity your users are taking in Omni, which can be useful for security and performance analysis. Events included in logs are structured as JSON payloads and sent in batches to your cloud storage a few minutes after they’re written. For Azure, Omni hosts the storage. Omni creates a dedicated blob container for your instance and grants your Microsoft Entra principal read access to it, so you can read your audit logs without managing any storage, keys, or shared credentials.

Requirements

To follow the steps in this guide, you’ll need:
  • To have audit logs enabled in your Omni instance
  • A Microsoft Entra principal (a service principal, user, or group) that will read the audit logs
  • Permissions in Azure that allow you to find the principal’s object ID and read from a blob container

Setup

After audit logs are enabled in your instance, complete the following:
1

Identify the Entra principal that will read the logs

Decide which Microsoft Entra principal should have read access to your audit logs. This is typically a service principal, but it can also be a user or group.Find the principal’s object ID (a UUID) in the Microsoft Entra admin center or with the Azure CLI.
2

Provide Omni support with your principal details

Reach out to Omni support with the following:
  • Principal object ID — the UUID of the Entra principal that will read the logs
  • Principal type — one of ServicePrincipal, User, or Group
  • Tenant ID — your Entra tenant ID (optional, but helpful)
3

Complete setup with Omni support

Omni creates a blob container for your instance, grants your principal the Storage Blob Data Reader role on that container, and starts delivering audit logs.Omni support will share the storage account name and container name you can use to read your logs.
Once configured, audit logs are automatically delivered to your container. Authenticate to Azure Blob Storage with your Entra principal—using a tool like Azure Storage Explorer or the az storage blob CLI—to read them.

Next steps