Ensure log profile is configured to capture all activities for Azure Monitor Log Profile

MEDIUM

Description

Azure log profile is not configured to capture all activities for Azure Monitor Log Profile, this may make audit challenging.

Remediation

At this time, the console UI does not have remediation steps available. For possible CLI remediation, see the product documentation (below) or use Terraform.

In Terraform -

In the azurerm_monitor_log_profile resource, set categories in array.

References:
https://learn.microsoft.com/en-us/azure/azure-monitor/essentials/activity-log?tabs=powershell
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_log_profile

Policy Details

Rule Reference ID: AC_AZURE_0264

CSP: Azure

Remediation Available: Yes

Domain: Logging and Monitoring

Resource: azurerm_monitor_log_profile

Resource Category: Logging and Monitoring

Resource Type: Monitor

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF

Detections

Analytics