StratoLens LogoStratoLens

Automated Azure Environment Scanning

StratoLens scans your Azure estate to discover resources, RBAC, cost, security, policy, and activity data. Run scans on demand or on a schedule, and tune what gets collected through Scanner Settings, Schedules, and Data Exclusions.

What You'll Learn

This documentation covers everything you need to run and tune scans:

  • Start manual scans and watch real-time progress
  • Review past scans, warnings, and detailed results in Scan History
  • Configure scanner behavior, thresholds, and sensitivity
  • Schedule automatic scans and retention-based cleanup
  • Exclude specific management groups, subscriptions, or resource groups from data collection

Key Capabilities

Complete Azure Discovery

Scans entities, configuration, RBAC, cost data, activity logs, security posture, and policy compliance across management groups, subscriptions, resource groups, and resources.

Zero Data Exfiltration

All scan data stays in your environment. StratoLens runs with a managed identity in your Azure tenant and writes results to storage you control.

Real-Time Progress

Dual progress bars show overall progress plus the current phase. Navigate away while the scan runs, the progress continues in the background.

Automatic Backfill

After your first scan, StratoLens backfills historical Activity Logs (up to 80 days), Cost Data (up to about 6 months), and resource change history (up to 14 days).

Scan History and Audit

Every scan is timestamped, status-tracked, and stored with warnings and entity counts for auditing. Failed and cancelled scans stay in history but do not feed dashboards.

Scope and Phase Exclusions

Exclude any scope from scans entirely, or exclude specific data types (for example, skip Cost Data on a sensitive subscription while keeping inventory).

Flexible Scheduling

Run scans daily or hourly. The default cadence is every 8 hours. Independent schedules control auto-delete, data retention, and SKU catalog refresh.

Documentation Sections

Work through these sections in order for a new install, or jump straight to the setting you need to change.

Scan Overview

Start a new scan, watch real-time progress, and see quick stats on the most recent scan.

Read: Scan Overview →

Scan History

Review past scans, open the Scan Details modal, inspect warnings, and delete old scans in bulk.

Read: Scan History →

Settings: Scanner

Configure Activity Log source, cost anomaly thresholds, VM sizing aggressiveness, and quota monitoring.

Read: Settings > Scanner →

Settings: Schedules

Control when scans run automatically and when old scans, cost data, and activity data are cleaned up.

Read: Settings > Schedules →

Settings: Data Exclusions

Exclude management groups, subscriptions, or resource groups from scans, either entirely or from specific data types.

Read: Data Exclusions →

Want to learn more about what Automated Azure Environment Scanning can do?

Check out the feature page for benefits, use cases, and highlights.

View Feature Page