Ensure that failed request tracing is enabled for Azure App Service

MEDIUM

Description

The Azure App Service has failed request tracing disabled, which may make auditing challenging.

Remediation

In Azure Console -

  1. Open the Azure Portal and go to App Services.
  2. Select the App Service you wish to edit (the setting only applies to Windows App Services).
  3. Select App Service Logs under Monitoring.
  4. Set Failed request tracing to On.
  5. Save.

In Terraform -

  1. In the azurerm_app_service resource, set failed_request_tracing_enabled to true.
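
The Terraform step above, written out as an added example (not part of the original rule text): in the azurerm provider, `failed_request_tracing_enabled` is an argument of the `logs` block nested inside `azurerm_app_service`, not a top-level argument. The resource names, location and SKU are constructed placeholders.

```hcl
# Constructed example: names, location and SKU are placeholders.
provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "example-rg"
  location = "West Europe"
}

# The plan kind defaults to Windows; the setting only applies to Windows apps.
resource "azurerm_app_service_plan" "example" {
  name                = "example-plan"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name

  sku {
    tier = "Standard"
    size = "S1"
  }
}

resource "azurerm_app_service" "example" {
  name                = "example-app" # placeholder; must be globally unique
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  app_service_plan_id = azurerm_app_service_plan.example.id

  logs {
    # Corrected setting. The weak form is:
    #   failed_request_tracing_enabled = false
    failed_request_tracing_enabled = true
  }
}
```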

References:
https://learn.microsoft.com/en-us/azure/app-service/troubleshoot-diagnostic-logs
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/app_service#failed_request_tracing_enabled

Policy Details

Rule Reference ID: AC_AZURE_0296
CSP: Azure
Remediation Available: Yes
Resource Category: Serverless
Resource Type: App Service

Frameworks