Description:
This policy ensures that the auto provisioning of the Log Analytics agent for Azure VMs is set to "On". This means that the Log Analytics agent will be automatically provisioned on all new Azure VMs that are created.

Rationale:
The Log Analytics agent is a valuable tool for collecting and monitoring telemetry data from Azure VMs. By ensuring that the auto provisioning of the Log Analytics agent is set to "On", organizations can ensure that they are collecting telemetry data from all of their Azure VMs.

Impact:
If the auto provisioning of the Log Analytics agent is not set to "On", it means that the Log Analytics agent will not be automatically provisioned on new Azure VMs. This means that organizations will not be able to collect telemetry data from these VMs.

Default Value:
The default value for this policy is "Off". This means that the policy is not enforced by default, and organizations must manually enable it if they want to use it.

Pre-requisites:

  • The organization must have Azure Policy enabled.
  • The organization must have the appropriate permissions to manage Azure Policy.

Remediation Steps:
To remediate this policy, you will need to set the auto provisioning of the Log Analytics agent to "On". You can do this by following these steps:

  1. Sign in to the Azure portal.
  2. Search for and select "Azure Policy".
  3. In the Azure Policy menu, select "Policy definitions".
  4. Find the policy named "Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On'".
  5. Click on the "Edit" button.
  6. In the "Settings" section, set the value of the "Mode" property to "Enforce".
  7. Click on the "Save" button.

Test Plan:
To test whether the policy is working correctly, you can follow these steps:

  1. Create a new Azure VM.
  2. Verify that the Log Analytics agent is automatically provisioned on the VM.

Implementation Plan:
The policy can be implemented in two ways:

  • Azure Console: You can enable the policy using the Azure portal.
  • Azure CLI: You can enable the policy using the Azure CLI.

Backout Plan:
To back out of this policy, you will need to set the auto provisioning of the Log Analytics agent to "Off". You can do this by following these steps:

  1. Sign in to the Azure portal.
  2. Search for and select "Azure Policy".
  3. In the Azure Policy menu, select "Policy definitions".
  4. Find the policy named "Ensure that Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On'".
  5. Click on the "Edit" button.
  6. In the "Settings" section, set the value of the "Mode" property to "Disabled".
  7. Click on the "Save" button.

Note:

  • This policy is applicable to all Azure subscriptions.
  • This policy is enforced by Azure Policy.

Reference: