Is there a way to log access to Azure Service Bus? We are looking for a way to log who create/delete a topic/subscription/namespace in Service Bus, either from Azure portal or from an external source like an API or Service Bus Explorer.
We have Azure Activity Log, but it doesn't give a solution for external sources.
We also checked Azure Diagnostic Logs, it doesn't help either.
You can track the activities happened within the Azure portal. But, it is not possible to track the Service Bus activities outside Azure portal. There are few third party solutions available to manage Service Bus Queues and Topics, even there the activities performed within that application only be tracked.
So it is impossible to keep track of the Service Bus within and outside the Azure Portal.
If you want the Service Bus to be restricted outside the Azure Portal, you can do that by restricting the access by IP.
Azure Service Bus .NET client allows diagnostics logging, you will have to enalbe diagnostics it first. That will log what operations where performed, but not who did _what. This feature would have to be supported by the broker and as far as I know is not available yet. I would also imagine that this feature would be available with Premium tier only.
Personally, I'd love to see Event Grid events for these actions fired by Azure Service Bus. This would need to be implemented by the service team. This feature was requested in the past, but saw no action at UserVoice. You could request it using the following repository used for legacy client and broker.