To use software inventory and change tracking regardless of region, the deprecated Microsoft Monitoring Agent (MMA) must currently be used. This solution uses an Azure Automation account that is connected to the MMA/OMS extension and reports the data into a Log Analytics Workspace. The new solution, which uses the Azure Monitor Agent (AMA) and does not require an Azure Automation account, currently works only in some regions.

To activate automatic software inventory and change tracking, I recommend:

  1. Deploy a User Managed Identity with the Virtual Machine Contributor role on all scopes where the Software Inventory should be used
  2. Deploy a Log Analytics Workspace
  3. Deploy an Azure Automation Account
  4. Activate Inventory on the Automation Account and connect it to the Log Analytics Workspace
  5. Deploy the following policies to the needed scopes and use the User Managed Identity from step 1 for remediation:
    - "Deploy - Configure Log Analytics extension to be enabled on Windows virtual machines"
    - "Deploy Log Analytics extension for Linux VMs. See deprecation notice below"
  6. In the Automation Account, open the Manage Machines feature and activate "Enable on all available and future machines"
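
Steps 1, 2, 3 and 5 can also be scripted. The following is an added example, not the author's own script: it assumes the Az PowerShell modules and a signed-in session, every resource name and the subscription ID are placeholders, and the policy parameter name `logAnalytics` is an assumption to check against the policy definitions. Steps 4 and 6 stay in the portal.

```powershell
# Added example. Placeholder names and subscription ID; adjust before use.
$location = 'westeurope'
$rg       = 'rg-inventory'
$scope    = '/subscriptions/00000000-0000-0000-0000-000000000000'

New-AzResourceGroup -Name $rg -Location $location -Force | Out-Null

# Step 1: identity used for policy remediation, with the role named in the text.
# A freshly created identity can take a moment to replicate; rerun the role
# assignment if it reports that the principal does not exist.
$id = New-AzUserAssignedIdentity -ResourceGroupName $rg -Name 'id-inventory' -Location $location
New-AzRoleAssignment -ObjectId $id.PrincipalId `
    -RoleDefinitionName 'Virtual Machine Contributor' -Scope $scope | Out-Null

# Step 2: workspace. Retention is set explicitly so inventory data does not
# age out earlier than intended (180 days is a placeholder value).
$ws = New-AzOperationalInsightsWorkspace -ResourceGroupName $rg -Name 'law-inventory' `
    -Location $location -Sku PerGB2018 -RetentionInDays 180

# Step 3: Automation account (Inventory is then activated on it in the portal).
New-AzAutomationAccount -ResourceGroupName $rg -Name 'aa-inventory' -Location $location | Out-Null

# Step 5: assign both built-in policies by display name, then remediate existing VMs.
$policies = [ordered]@{
    'la-ext-windows' = 'Deploy - Configure Log Analytics extension to be enabled on Windows virtual machines'
    'la-ext-linux'   = 'Deploy Log Analytics extension for Linux VMs. See deprecation notice below'
}
$builtin = Get-AzPolicyDefinition -Builtin

foreach ($name in $policies.Keys) {
    # DisplayName sits on the object or under .Properties, depending on the Az.Resources version.
    $def = $builtin |
        Where-Object { ($_.DisplayName, $_.Properties.DisplayName) -contains $policies[$name] } |
        Select-Object -First 1
    if (-not $def) { throw "Built-in policy not found: $($policies[$name])" }

    # 'logAnalytics' is the assumed name of the workspace parameter.
    New-AzPolicyAssignment -Name $name -Scope $scope -PolicyDefinition $def `
        -PolicyParameterObject @{ logAnalytics = $ws.ResourceId } `
        -IdentityType 'UserAssigned' -IdentityId $id.Id -Location $location | Out-Null

    # New assignments only act on new or changed VMs; remediation covers existing ones.
    $assignmentId = "$scope/providers/Microsoft.Authorization/policyAssignments/$name"
    Start-AzPolicyRemediation -Name "remediate-$name" -PolicyAssignmentId $assignmentId -Scope $scope | Out-Null
}
```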

The policies ensure that the extensions are installed and connected to the workspace. The last step ensures change tracking on all linked VMs and on all future VMs.

The connected VMs are listed in the workspace.

The change and inventory information can be found in the Logs of the Log Analytics Workspace.

⚠️ Please note that data ages out of the Log Analytics Workspace. If it is to be kept longer, it must be exported or the retention period must be increased.