The Microsoft Azure REST APIs for application insight can help you to delete / remove / purge data stored in application insights based on filters you specify. This API (MS docs) permits you to purge data in an Application Insights component by applying a set of user-defined filters.
First step:
To use the REST API you need to authenticate by using Azure Active Directory OAuth2. To do that, you need to register an application into your Azure AD:
When the app is created, create a key for the application registration.
Select your AD application, click on Certificates and Secrets and then create a new client secret. Save the value, because you will need it later.
Next step:
You need to assign a role to your app in order to access the Application Insights resource.
Select the Application Insight resource, click on Access Control (IAM) and then add a role assignment:
Create a new role assignment with Data Purger as the role and select your app registration (Created in the first step; in my case PureAppInsights):
After the role assignment the setup for authorization is finished.
We are ready to build the powershell script.
Go to the registered app to get theapplication(client) ID and Directory (tenant) ID.
Go t
## AUTHENTICATION PART ##
# Import the AzureRM.Profile module #
Import-Module AzureRM.Profile
# Application (Client) ID of the registered app #
$appId = "APPLICATION_ID_REGISTERED_APP"
# Client secret value for the app registration #
$key = "CLIENT_SECRET_REGISTERED_APP"
# Azure Active Directory tenant ID #
$tenantId = "AZURE_AD_TENANT_ID"
# Azure Subscription ID #
$subscriptionId = "SUBSCRIPTION_ID"
# Resource group of the Application Insight Recource #
$resourceGroupName = "APPINSIGHTS_RESOURCEGROUP_NAME"
# Name of the Application Insight instance #
$resourceName = "APPINSIGHTS_RESOURCE_NAME"
# Create the authentication URL #
$authUrl = "https://login.windows.net/${tenantId}"
# Get the authentication context #
$AuthContext = [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext]$authUrl
# Build the credential object #
$credentials = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.ClientCredential -ArgumentList $appId,$key
# Get the token form AAD #
$result = $AuthContext.AcquireToken("https://management.core.windows.net/",$credentials)
# Build the authorization header JSON object #
$authHeader = @{
'Content-Type'='application/json'
'Authorization'=$result.CreateAuthorizationHeader()
}
## END AUTHENTICATION PART ##
## PURGE DATA PART ##
# Creates the API URI #
$URI = "https://management.azure.com/subscriptions/${subscriptionId}/resourceGroups/${resourceGroupName}/providers/Microsoft.Insights/components/${resourceName}/purge?api-version=2015-05-01"
# ***Choose which table you want to purge and enter a date when you want to purge #
$body = @"
{
"table": "traces",
"filters": [
{
"column": "timestamp",
"operator": "<",
"value": "2022-02-02T00:00:00.000"
}
]
}
"@
# Invoke the REST API to purge the data on the Application Insights recource you have chosen #
$purgeID=Invoke-RestMethod -Uri $URI -Method POST -Body $body -Headers $authHeader
Start-Sleep -Seconds 5
# Show the purge ID #
Write-Host "Purge ID" $purgeID.operationId
## END PURGE DATA PART ##
## GET PURGE STATUS PART ##
# Create the API URI to get the purge status #
$purgeURI="https://management.azure.com/subscriptions/$subscriptionId/resourceGroups/${resourceGroupName}/providers/Microsoft.Insights/components/${resourceName}/operations/$($purgeID.operationId)?api-version=2015-05-01"
Invoke-RestMethod -Uri $purgeURI -Method GET -Headers $authHeader
## END GET PURGE STATUS PART ## Run the script and you’ll get the following response.
A purge task of Application Insights data is not immediatly executed. You can see the status of the task by sending a GET request as follows:
Invoke-RestMethod -Uri $uri -Method GET -Headers $authHeader
You also can check the activity log of the App Insights resource to check if the purge action is started:
If you check the status a day later, you will get the result below.
***Choose the table you want to purge
Add to:
"table": "tablename"
