The Advanced and Enterprise editions of Security Center support the log analysis feature. This feature allows you to query and analyze log data in real time. This topic describes how to activate log analysis.
Background information
You must upgrade the Basic edition to the Advanced or Enterprise edition before you can activate log analysis. For more information about upgrading
Security Center, see Renewal and upgrade.
Notice By default, the following logs are enabled in Security Center: security, network,
and host logs. Only the Enterprise edition supports network logs. The Advanced edition
does not support network logs. The Advanced edition displays only security and host
logs on the Log Analysis page.
After you activate log analysis, Log Service automatically creates a dedicated Logstore to store Security Center logs. You can view information about the Logstore in the . For more information about Logstore limits, see Limits.