From 7bba239f56fc377038a674a9937cda79f5390ad5 Mon Sep 17 00:00:00 2001
From: Ibrahim Ali Khan <heyibrahimkhan@users.noreply.github.com>
Date: Thu, 8 Jul 2021 20:40:03 +0500
Subject: [PATCH] Create ala-azure-activitylogs.yml

Azure Activity Logs mapping for Azure Log Analytics
---
 tools/config/ala-azure-activitylogs.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 tools/config/ala-azure-activitylogs.yml

diff --git a/tools/config/ala-azure-activitylogs.yml b/tools/config/ala-azure-activitylogs.yml
new file mode 100644
index 000000000..d02013f40
--- /dev/null
+++ b/tools/config/ala-azure-activitylogs.yml
@@ -0,0 +1,10 @@
+title: Azure Activity Logs mapping for Azure Log Analytics
+order: 20
+backends:
+  - ala
+  - ala-rule
+fieldmappings:
+  claims.name: Caller
+  properties.message: OperationNameValue
+  properties.eventCategory: CategoryValue
+  resourceProviderName.value: ResourceProviderValue