last sync: 2024-Nov-25 18:54:24 UTC

[Preview]: ChangeTracking extension should be installed on your Windows virtual machine

Azure BuiltIn Policy definition

Source Azure Portal
Display name [Preview]: ChangeTracking extension should be installed on your Windows virtual machine
Id 221aac80-54d8-484b-83d7-24f4feac2ce0
Version 2.0.0-preview
Details on versioning
Versioning Versions supported for Versioning: 1
2.0.0-preview
Built-in Versioning [Preview]
Category Security Center
Microsoft Learn
Description Install ChangeTracking Extension on Windows virtual machines to enable File Integrity Monitoring(FIM) in Azure Security Center. FIM examines operating system files, Windows registries, application software, Linux system files, and more, for changes that might indicate an attack. The extension can be installed in virtual machines and locations supported by Azure Monitoring Agent.
Mode Indexed
Type BuiltIn
Preview True
Deprecated False
Effect Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled
RBAC role(s) none
Rule aliases IF (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/imageOffer Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.offer
properties.virtualMachineProfile.storageProfile.imageReference.offer
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imagePublisher Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.publisher
properties.virtualMachineProfile.storageProfile.imageReference.publisher
properties.creationData.imageReference.id
True
True
True


False
False
False
Microsoft.Compute/imageSku Microsoft.Compute
Microsoft.Compute
Microsoft.Compute
virtualMachines
virtualMachineScaleSets
disks
properties.storageProfile.imageReference.sku
properties.virtualMachineProfile.storageProfile.imageReference.sku
properties.creationData.imageReference.id
True
True
True


False
False
False
THEN-ExistenceCondition (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Compute/virtualMachines/extensions/provisioningState Microsoft.Compute virtualMachines/extensions properties.provisioningState True False
Microsoft.Compute/virtualMachines/extensions/Publisher Microsoft.Compute virtualMachines/extensions properties.publisher True False
Microsoft.Compute/virtualMachines/extensions/type Microsoft.Compute virtualMachines/extensions properties.type True False
Rule resource types IF (1)
Microsoft.Compute/virtualMachines
Compliance Not a Compliance control
Initiatives usage none
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-12-21 17:43:51 change Major, suffix remains equal (1.0.0-preview > 2.0.0-preview)
2021-11-12 16:23:07 add 221aac80-54d8-484b-83d7-24f4feac2ce0
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC