Finally, we look at how the screening log Azure Bastion as a bastion machine, the auditing function of course is the most important, if we want to see the connection to the VM log by Bastion, it can be achieved by
First, find Azure Bastion, and then turn on diagnostic logging
Here can be set to send Log Log Analystic, or stored directly to storage, the storage time may also be provided in the blob
After the setup is complete, we can go inside to look for the corresponding log storage, you can see that there is already a stored log of container
We can see the log and other services, just as JSON document format
Here we can see the direct source IP access, and access to the Which VM, etc.
In fact, after these log can PowerBI or excel this tool to analyze the information we need