Profile Applicability:

  • Level 2

Description:
 Storage Logging tracks and records requests made to the Azure Queue service, including read, write, and delete operations. Enabling logging provides valuable insights for monitoring, troubleshooting, and auditing access and usage patterns.

Rationale:
 Enabling Storage Logging helps detect suspicious activities, supports forensic investigations, and ensures compliance with organizational and regulatory requirements by maintaining detailed access records.

Impact:

Pros:

  • Enhances visibility into queue service operations.

  • Supports security monitoring and auditing.

  • Facilitates troubleshooting and performance analysis.

Cons:

  • May increase storage costs due to log data accumulation.

  • Requires management of log retention policies.

Default Value:
 Storage Logging is disabled by default and must be explicitly enabled.

Pre-requisites:

  • Azure Storage Account with Queue service enabled.

  • Permissions to configure storage logging settings.

Remediation

Test Plan:

Using Azure Portal:

  1. Sign in to https://portal.azure.com.

  2. Navigate to the Storage Account.

  3. Under Monitoring, select Diagnostic settings or Storage Logging.

  4. Verify that logging is enabled for the Queue service, including Read, Write, and Delete operations.

Using Azure CLI:

  1. Check logging settings for queue service:

    # az storage logging show --account-name <storage-account-name> --services q

  2. Confirm logging for r (read), w (write), and d (delete) is enabled.
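The confirmation in step 2 can be scripted so it runs in a scheduled audit. The following is an added example, not part of the original benchmark text: it parses the JSON printed by the `show` command and reports which of read, write, and delete are not logged. The JSON key names (`queue`, `read`, `write`, `delete`, `retentionPolicy`) are an assumption about the CLI output shape, and `audit_queue_logging` and `min_retention_days` are hypothetical names introduced here.

```python
import json

# Constructed samples. The JSON shape is an assumption about what
# `az storage logging show --services q` prints; adjust keys if yours differs.
SAMPLE_COMPLIANT = json.dumps({"queue": {
    "read": True, "write": True, "delete": True, "version": "1.0",
    "retentionPolicy": {"enabled": True, "days": 90}}})
SAMPLE_DEFAULT = json.dumps({"queue": {
    "read": False, "write": False, "delete": False, "version": "1.0",
    "retentionPolicy": {"enabled": False, "days": None}}})


def audit_queue_logging(show_output, min_retention_days=None):
    """Return a list of findings; an empty list means the check passes.

    min_retention_days is a hypothetical policy value. When it is None,
    retention is not evaluated and only r/w/d logging is checked.
    """
    try:
        doc = json.loads(show_output)
    except (TypeError, ValueError):
        return ["output is not valid JSON"]
    queue = doc.get("queue") if isinstance(doc, dict) else None
    if not isinstance(queue, dict):
        return ["no 'queue' section in output (was --services q used?)"]

    findings = []
    # Require an explicit boolean true; a missing key counts as disabled.
    for op in ("read", "write", "delete"):
        if queue.get(op) is not True:
            findings.append(f"{op} logging is not enabled")

    if min_retention_days is not None:
        policy = queue.get("retentionPolicy") or {}
        days = policy.get("days")
        if not policy.get("enabled"):
            findings.append("retention policy is disabled")
        elif not isinstance(days, int) or days < min_retention_days:
            findings.append(
                f"retention is {days!r} days, below required {min_retention_days}")
    return findings


if __name__ == "__main__":
    for name, sample in (("compliant", SAMPLE_COMPLIANT), ("default", SAMPLE_DEFAULT)):
        result = audit_queue_logging(sample, min_retention_days=30)
        print(name, "PASS" if not result else result)
```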

Implementation Plan

Using Azure Portal:

  1. Enable logging for the Queue service and select Read, Write, and Delete operations.

  2. Configure retention period for logs as per policy.

  3. Save and validate settings.

Using Azure CLI:

  1. Enable logging with all operations and set retention days:

    # az storage logging update --services q --log rwd --retention-days <days> --account-name <storage-account-name>

  2. Verify logging configuration.

Backout Plan

Using Azure Portal:

  1. Disable logging if necessary.

  2. Evaluate impact on monitoring and auditing.

Using Azure CLI:

  1. Disable logging:

    # az storage logging update --services q --log '' --retention-days 0 --account-name <storage-account-name>
