As you may be aware, you can enable Azure AD Diagnostic Settings to send the logs to either an Azure Log Analytics, an Azure Storage Account, an Azure Event Hub or a partner solution to keep and manage Azure AD logs (sign in, audit, authentication logs) by configuring the AAD Diagnostic Settings.
Well, I ended in a situation where I was not able to configure/update the AAD Diagnostic Settings with the error
An Azure subscription is required to use this capability. Start here to create a new subscription
While in the meantime, my account has Owner access to various Azure Subscriptions.
Well, after lot of troubleshooting with Microsoft Support, it ended to be the Subscriptions filter is NOT synced between Azure portal and Azure AD portal (as shown below – I did not updated the filter options when taking the screenshot)
On the right side you have my Azure Subscriptions filter and on the left side the Azure AD Subscriptions filter; as you can see (even if I have hidden the subscription name) they are not in sync
While these Subscription filters are supposed to be in sync (my opinion, and I’m pretty sure it used to be the case in the past), if you are experiencing the above error message when configuring/updating the Azure AD Diagnostic Settings, just double check the Subscription Filter in AAD Portal.