AzPolicyAdvertizer

last sync: 2024-Nov-25 18:54:24 UTC

Resource logs should be enabled for Audit on supported resources

Azure BuiltIn Policy definition

Source Azure Portal
Display name Resource logs should be enabled for Audit on supported resources
Id 187242f4-89c6-4c43-9a4e-188c0efacc5f
Version 1.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]
Category Monitoring
Microsoft Learn
Description Resource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. The existence of a diagnostic setting for category group Audit on the selected resource types ensures that these logs are enabled and captured. Applicable resource types are those that support the "Audit" category group.
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases THEN-ExistenceCondition (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Insights/diagnosticSettings/logs[*] microsoft.insights diagnosticSettings properties.logs[*] True False
microsoft.insights/diagnosticSettings/logs[*].categoryGroup microsoft.insights diagnosticSettings properties.logs[*].categoryGroup True False
Microsoft.Insights/diagnosticSettings/logs[*].enabled microsoft.insights diagnosticSettings properties.logs[*].enabled True False
Rule resource types none
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-08-09 17:24:03 add 187242f4-89c6-4c43-9a4e-188c0efacc5f
JSON compare n/a
JSON
api-version=2021-06-01
EPAC