This is a dedicated watch page for a single video.
Your company's security policy requires that all Azure control-plane administrative activities are retained for at least one year for forensic analysis. The security team must be able to perform complex Kusto Query Language (KQL) queries to investigate incidents and use workbooks to visualize activity trends. The default 90-day retention period for the Activity Log is insufficient. Resource Configuration Requirements: - Service: Azure Monitor Activity Log. - Capacity: All control-plane events for a single Azure subscription. - Constraints: Data must be retained for at least 365 days. The solution must natively support complex KQL queries against the entire retained dataset. - Integration: Must support visualization via Azure Monitor Workbooks. - Target: Enable efficient forensic analysis of all administrative activities that occurred over the past year. You need to configure a solution that meets all retention and analysis requirements. Which configuration should you implement?