Ensure that the attribute 'edge_logging_option' in Defender for IoT is not set to false

MEDIUM

Description

If IoT Hub Edge logging is not enabled, activity tracking and incident response may be impaired.

Remediation

In Azure Console -

  1. Go to Azure IoT Hub.
  2. Choose an IoT Hub to edit.
  3. In Defender for IoT, choose Settings.
  4. Click Recommendation Configuration and choose the Edge Logging option recommendation.
  5. Click Enable.

In Terraform -

  1. In the azurerm_iot_security_solution resource, set recommendations_enabled.edge_logging_option to true.
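
To find the resources that need this change before applying, the sketch below walks a Terraform plan in the JSON shape produced by `terraform show -json` and reports every `azurerm_iot_security_solution` with `edge_logging_option` explicitly set to false, including those in child modules. It is an added example, not the policy engine's own rule; the function names and the sample plan (resource and module names) are constructed for illustration.

```python
RESOURCE_TYPE = "azurerm_iot_security_solution"


def _res(address, blocks):
    """Build one resource entry in the shape `terraform show -json` emits."""
    return {"address": address, "type": RESOURCE_TYPE,
            "values": {"recommendations_enabled": blocks}}


# Constructed sample plan; resource and module names are made up.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        _res("azurerm_iot_security_solution.bad", [{"edge_logging_option": False}]),
        _res("azurerm_iot_security_solution.explicit", [{"edge_logging_option": True}]),
        _res("azurerm_iot_security_solution.no_block", []),
    ],
    "child_modules": [{"resources": [
        _res("module.plant.azurerm_iot_security_solution.nested",
             [{"edge_logging_option": False}]),
    ]}],
}}}


def iter_resources(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def edge_logging_disabled(plan):
    """Return addresses of solutions whose edge_logging_option is false."""
    root = plan.get("planned_values", {}).get("root_module", {})
    flagged = []
    for res in iter_resources(root):
        if res.get("type") != RESOURCE_TYPE:
            continue
        # A nested block appears in plan JSON as a list of objects.
        blocks = (res.get("values") or {}).get("recommendations_enabled") or []
        # Only an explicit false violates the rule; an absent block or
        # attribute is not "set to false" and is left alone.
        if any(b.get("edge_logging_option") is False for b in blocks):
            flagged.append(res["address"])
    return flagged


if __name__ == "__main__":
    print(edge_logging_disabled(SAMPLE_PLAN))
```

To check a real plan, pass `edge_logging_disabled` the result of `json.load` on the saved output of `terraform show -json`.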

References:
https://learn.microsoft.com/en-us/azure/defender-for-iot/device-builders/concept-baseline
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/iot_security_solution#edge_logging_option

Policy Details

Rule Reference ID: AC_AZURE_0104
CSP: Azure
Remediation Available: Yes
Resource Category: Management
Resource Type: IoT Hub

Frameworks