Profile Applicability:

  •  Level 2

Description:
 Storage Logging records requests to the Azure Table service, capturing read, write, and delete operations. Enabling this logging improves visibility into table storage usage and supports auditing, troubleshooting, and security monitoring.

Rationale:
 Activating Storage Logging assists in detecting unauthorized access, supports forensic investigations, and helps meet compliance requirements by providing detailed operation logs.

Impact:

Pros:

  • Enhances monitoring of Table service operations.

  • Facilitates security audits and troubleshooting.

  • Supports regulatory compliance.

Cons:

  • Increases storage consumption and potential costs due to log retention.

  • Requires management of log data and retention policies.

Default Value:
 Storage Logging is disabled by default and must be explicitly enabled.

Pre-requisites:

  • Azure Storage Account with Table service enabled.

  • Permissions to configure logging settings.

Remediation

Test Plan:

Using Azure Portal:

  1. Sign in to https://portal.azure.com.

  2. Navigate to the Storage Account.

  3. Under Monitoring, select Diagnostic settings or Storage Logging.

  4. Verify logging is enabled for the Table service with Read, Write, and Delete operations.

Using Azure CLI:

  1. Check logging settings for table service:

    # az storage logging show --account-name <storage-account-name> --services t

  2. Confirm logging for r (read), w (write), and d (delete) is enabled.
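
A scripted form of the CLI check above, added here as an example (it is not part of the original benchmark text): it parses the JSON printed by `az storage logging show --services t` and lists every setting that fails the check. The JSON layout in the constructed sample and the `min_retention_days` parameter are assumptions; verify the layout against the output of your Azure CLI version.

```python
import json

# Constructed sample of `az storage logging show --services t` output.
# The layout (a "table" object with read/write/delete booleans and a
# retentionPolicy) is an assumption; confirm it against your CLI version.
SAMPLE_OUTPUT = """{
  "table": {
    "delete": true, "read": true, "write": false, "version": "1.0",
    "retentionPolicy": {"days": 90, "enabled": true}
  }
}"""

REQUIRED_OPS = ("read", "write", "delete")


def audit_table_logging(cli_json, min_retention_days=1):
    """Return a list of findings; an empty list means the check passes."""
    try:
        settings = json.loads(cli_json)
    except json.JSONDecodeError as exc:
        return [f"output is not valid JSON: {exc.msg}"]
    table = settings.get("table") if isinstance(settings, dict) else None
    if not isinstance(table, dict):
        return ["no 'table' section in output; was --services t used?"]

    findings = []
    for op in REQUIRED_OPS:
        # Only a literal true passes; missing, null or string values fail.
        if table.get(op) is not True:
            findings.append(f"{op} logging is not enabled")

    policy = table.get("retentionPolicy")
    if not isinstance(policy, dict):
        policy = {}
    days = policy.get("days")
    if policy.get("enabled") is not True or not isinstance(days, int):
        findings.append("retention policy is not enabled")
    elif days < min_retention_days:
        findings.append(f"retention is {days} days, below {min_retention_days}")
    return findings


if __name__ == "__main__":
    for finding in audit_table_logging(SAMPLE_OUTPUT, min_retention_days=30):
        print("FAIL:", finding)
```

Pipe the real CLI output into `audit_table_logging` and treat any returned finding as a failed test.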

Implementation Plan

Using Azure Portal:

  1. Enable logging for Table service with Read, Write, and Delete operations selected.

  2. Set log retention period according to policy.

  3. Save and confirm settings.

Using Azure CLI:

  1. Enable logging with all operations and retention days:

    # az storage logging update --services t --log rwd --retention-days <days> --account-name <storage-account-name>

  2. Verify logging configuration.

Backout Plan

Using Azure Portal:

  1. Disable logging if needed.

  2. Assess effects on monitoring and audit capabilities.

Using Azure CLI:

  1. Disable logging:

    # az storage logging off --services t --account-name <storage-account-name>
