last sync: 2024-Nov-25 18:54:24 UTC

Audit flow logs configuration for every virtual network

Azure BuiltIn Policy definition

Source: Azure Portal
Display name: Audit flow logs configuration for every virtual network
Id: 4c3c6c5f-0d47-4402-99b8-aa543dd8bcee
Version: 1.0.1
Versioning: Versions supported for Versioning: 2 (1.0.0, 1.0.1); Built-in Versioning [Preview]
Category: Network
Description: Audit for virtual network to verify if flow logs are configured. Enabling flow logs allows to log information about IP traffic flowing through virtual network. It can be used for optimizing network flows, monitoring throughput, verifying compliance, detecting intrusions and more.
Mode: Indexed
Type: BuiltIn
Preview: False
Deprecated: False
Effect: Default: Audit; Allowed: Audit, Disabled
RBAC role(s): none
Rule aliases IF (1)
Alias | Namespace | ResourceType | Path | PathIsDefault | DefaultPath | Modifiable
Microsoft.Network/virtualNetworks/flowLogs[*] | Microsoft.Network | virtualNetworks | properties.flowLogs[*] | True |  | False
Rule resource types IF (1)
Microsoft.Network/virtualNetworks
Compliance
The following 2 compliance controls are associated with this Policy definition 'Audit flow logs configuration for every virtual network' (4c3c6c5f-0d47-4402-99b8-aa543dd8bcee)
Control Domain | Control | Name | MetadataId | Category | Title | Owner | Requirements | Description | Info | Policy#
CIS_Azure_2.0.0 | 5.1.6 | CIS_Azure_2.0.0_5.1.6 | CIS Microsoft Azure Foundations Benchmark recommendation 5.1.6 | 5.1 | Ensure that Network Security Group Flow logs are captured and sent to Log Analytics | Shared | The impact of configuring NSG Flow logs is primarily one of cost and configuration. If deployed, it will create storage accounts that hold minimal amounts of data on a 5-day lifecycle before feeding to Log Analytics Workspace. This will increase the amount of data stored and used by Azure Monitor. | Ensure that network flow logs are captured and fed into a central log analytics workspace. Network Flow Logs provide valuable insight into the flow of traffic around your network and feed into both Azure Monitor and Azure Sentinel (if in use), permitting the generation of visual flow diagrams to aid with analyzing for lateral movement, etc. | link | 3
op.mon.1 Intrusion detection op.mon.1 Intrusion detection 404 not found n/a n/a 50
Initiatives usage
Initiative DisplayName | Initiative Id | Initiative Category | State | Type
CIS Microsoft Azure Foundations Benchmark v2.0.0 | 06f19060-9e68-4070-92ca-f15cc126059e | Regulatory Compliance | GA | BuiltIn
Spain ENS | 175daf90-21e1-4fec-b745-7b4c909aa94c | Regulatory Compliance | GA | BuiltIn
History
Date/Time (UTC ymd) | Change type | Change detail
2024-01-12 18:35:06 | change | Patch (1.0.0 > 1.0.1)
2023-04-06 17:42:16 | add | 4c3c6c5f-0d47-4402-99b8-aa543dd8bcee