5. Logging and Monitoring
Description: Enable Diagnostic settings for exporting activity logs. Diagnostic settings are available for each individual resource within a subscription. ...
Fri, 8 Sep, 2023 at 5:53 AM
Description: The diagnostic setting should be configured to log the appropriate activities from the control/management plane. Rationale: A diagnostic ...
Fri, 8 Sep, 2023 at 5:54 AM
Description: The storage account container that stores exported Azure Activity Logs must not be publicly accessible. Activity logs contain sensitive operat...
Wed, 31 Dec, 2025 at 3:30 AM
Description: Storage Account encryption with Customer Managed Keys (CMK) provides an additional layer of security by using an organization's own Azure ...
Wed, 31 Dec, 2025 at 3:34 AM
Description: Create an activity log alert for the Delete Policy Assignment event. Rationale: Monitoring for delete policy assignment events gives insi...
Tue, 22 Aug, 2023 at 5:02 AM
Description: Azure Network Security Groups control inbound and outbound traffic for resources such as virtual machines, subnets, and NICs. Any creation or ...
Wed, 31 Dec, 2025 at 3:58 AM
Description: Create an activity log alert for the Delete Network Security Group event. Rationale: Monitoring for "Delete Network Security Group&q...
Tue, 22 Aug, 2023 at 4:46 AM
Description: Create an activity log alert for the Create or Update Network Security Group Rule event. Rationale: Monitoring for Create or Update Netwo...
Wed, 9 Aug, 2023 at 8:23 AM
Description: Azure Network Security Groups (NSGs) enforce network filtering rules for virtual machines, subnets, and other Azure resources. Deleting an NSG...
Wed, 31 Dec, 2025 at 4:03 AM
Description: Azure Security Solutions include integrations such as vulnerability scanners, endpoint protection services, SIEM connectors, and third-party t...
Wed, 31 Dec, 2025 at 4:07 AM