locked
GDPR compliant - Logic App Run History, Azure Functions and Azure Log Analytics data retention. RRS feed

  • Question

  • Hi.

    I posted a tweet at the Azure support about this question but I didn't get much of an answer there more than a link to a blog they've posted about GDPR. It didn't help me much there, so I guess I'll try here.

    The question was about if there was any way of deleting the "Run History Logs", "Monitor Logs" and "Logs" in Azure Logic Apps, Functions and Log Analytics in a frequent manner (in my case every log that is more than 72 hours old).

    (Actually I forgot to specify Log analytics in the tweet so i'll do it here...)

    Azure support answered: "From the looks of it, it doesn't seem so."

    twitter.com/JohnTutumlu/status/1042332606560460800

    So the reason I'm asking if anyone know how to solve this problem or have some kind of workaround to it is in Correlation to the GDPR laws that are in place today.

    As I mentioned in the tweet. Sometimes sensitive data is run through for example the Logic App and Azure Function resources. Even though i'm responsible enough to delete the logs and other data alike, I can still see the some of the information in the "Run History" of my logic apps for example.    

    As I see it right now I cant see how this falls inside the boundaries of GDPR.

    EDIT:

    Aure Support On Twitter game me what looks to be a solution for Log Analytics. I'll test it and edit this post as soon as i have my answer for Log Analytics.

    Link: aka.ms/loganMSDNforumq

    Whats left it how to delete every log from "Run History" and "Monitor Logs" from Logic Apps and Azure Functions.

    • Edited by IB_John Thursday, September 20, 2018 8:17 AM
    Wednesday, September 19, 2018 10:25 AM

Answers

  • Right now, there is no way to delete a Run History.*

    As for compliance, I'd let your Compliance Officer(s) determine that after reviewing Microsoft's GDPR guidelines.

    *Outside re-provisioning the Logic Apps.

    Thursday, September 20, 2018 3:58 PM
  • Keep in mind, retention is not deleting which seems to be OP's question.

    There is no public API for deleting a Run History.

    It's also possible, though unlikely, the setting will change at GA and it currently doesn't support 72 hrs, at least in East US.

    Thursday, September 20, 2018 5:04 PM

All replies

  • Hi,

    there is some guidelines provided by Microsoft to make Microsoft Azure as GDPR complaint (Refer Link#1)

    Azure Accountibility readiness checklist will help you to achive this requirements(Refer Link#2) also you can refer the TrustDocuments provided by Microsoft to using the different controls or tools over Azure(Refer Link#3)

    Link#1 https://azure.microsoft.com/en-in/blog/achieving-gdpr-compliance-in-the-cloud-with-microsoft-azure/

    Link#2 https://docs.microsoft.com/en-us/microsoft-365/compliance/gdpr-arc-azure

    Link#3 https://servicetrust.microsoft.com/ViewPage/TrustDocuments

    HTH


    Hope this Helps!!!! Regards, Note: Please Mark As Answered if you satisfy with Reply.

    Wednesday, September 19, 2018 11:12 AM
  • Sorry this doesn't help me. Maybe you could link me the exact documentation on how i exactly delete all the log information ("Run History", "Monitor logs", "Log Analytics logs") in "Logic Apps", "Functions" and "Log analytics" to ensure not storing sensitive data in Azure Portal according to GDPR guide lines.

    A Workaround would be good to, any guides or even ideas would be really good too then i could probably take it from there and try to setup or develop some kind of solution around existing working ideas that work inside the boundaries of the GDPR Rules.

    Thank you for your answer though :)


    • Edited by IB_John Wednesday, September 19, 2018 2:47 PM
    Wednesday, September 19, 2018 12:17 PM
  • Hi Check this,

    https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-personal-data-mgmt#how-to-export-and-delete-private-data


    Hope this Helps!!!! Regards, Note: Please Mark As Answered if you satisfy with Reply.

    Wednesday, September 19, 2018 3:05 PM
  • Thanks, This is the same link i got on the twitter thread on twitter.

    So i've looked into the solution given in the link now, and this is still not the answere i'm looking for.

    as i expected int's not a simple delete of logs and rows in the log-analytic tables.

    "While we expect the vast majority of purge operations to complete much quicker than our SLA, due to their heavy impact on the data platform used by Log Analytics, the formal SLA for the completion of purge operations is set at 30 days."

    This is not optimal for solutions that only have a time-span of hours to purge their information according to GDPR laws.


    How do i do this for "Run History" and "Monitor Logs" for Logic apps and Azure Functions?

    Thank you for your answer! :)
    • Edited by IB_John Thursday, September 20, 2018 11:21 AM
    Thursday, September 20, 2018 9:12 AM
  • Hi,

    This is something what Microsoft had in its plan and will deliver soon for Logic Apps(Refer Link#1) as discussed in INTEGRATE 2018 (UK) in Jun 2018.

    So request you to get in touch with Azure support team to get the release date plans(Refer Link#2),

    Link#1 https://blogs.biztalk360.com/integrate-2018-recap-of-day-2/

    Link#2 https://feedback.azure.com/forums/287593-logic-apps/suggestions/32023657-sanitize-run-history-content

    HTH


    Hope this Helps!!!! Regards, Note: Please Mark As Answered if you satisfy with Reply.

    Thursday, September 20, 2018 12:59 PM
  • Sorry this is still not the answer i'm looking for. :)

    Its not about who can se or not see the logs. it has to do with the GDPR directions.

    That is:

    "Being able to purge data logs when its being requested"

    I'm not after securing the data behind restrictions.

    What i EXACTLY want to do is to purge/delete/remove all logs, history and runs from Logic Apps, Azure Functions and log analytics.

    And by the answers i'm getting pointing me to things i haven't asked for i can only take it as this functionality (again: To DELETE monitor logs and Run History in Logic apps, Azure Functions and Log analytics) doesn't exist?

    Am i correct in assuming this?

    Thanks for your answer! :)


    • Edited by IB_John Thursday, September 20, 2018 1:18 PM
    Thursday, September 20, 2018 1:15 PM
  • Right now, there is no way to delete a Run History.*

    As for compliance, I'd let your Compliance Officer(s) determine that after reviewing Microsoft's GDPR guidelines.

    *Outside re-provisioning the Logic Apps.

    Thursday, September 20, 2018 3:58 PM
  • Hi John,

    Greetings!

    you may delete the run history of Logic Apps with the below steps

    1)Go to logic app properties-->workflow settings
    2)scroll down till run history retention
    3)Choose custom retention period for your logs in your case 72 hours(3 days).

    Hope this helps!!, Cheers!! let me know if it helps

    Best  Regards,
    Suraj Revankar

    Thursday, September 20, 2018 4:21 PM
  • Keep in mind, retention is not deleting which seems to be OP's question.

    There is no public API for deleting a Run History.

    It's also possible, though unlikely, the setting will change at GA and it currently doesn't support 72 hrs, at least in East US.

    Thursday, September 20, 2018 5:04 PM
  • Thank you for your answers People!

    @Johns-305

    Now thats a stright answer thank you for that! Does this apply to the logs of Azure functions and Log analytics too?

    @Suraj Revankar 

    Yeah, i had been looking into that one too. but as said in the previous posts, Logic app history retention doesn't go lower than 7 days sadly...  

    Friday, September 21, 2018 6:28 AM
  • Hi John,

    yep i just tried to reduce till 3 days with custom doesn't go less than 7 days. I hope Microsoft fixes this soon. In order to allow the user to select the custom retention period.

    Best Regards,
    Suraj Revankar

    Monday, September 24, 2018 2:53 PM
  • Has anyone got an entry in Feedback https://feedback.azure.com/forums/287593-logic-apps/

    For purging runs and/or setting history to less than 7 days? If so, I'd like to vote them up....


    Tom Schulte | Plex Systems

    Friday, September 6, 2019 6:25 PM