Diagnostic Settings v2 - What's Missing #1644
Replies: 4 comments 2 replies
-
There is no built in policy for: |
Beta Was this translation helpful? Give feedback.
-
I dont see any of the 4 Storage Account Diagnostic settings I assume that they are all in this resource type: |
Beta Was this translation helpful? Give feedback.
-
I am a little confused. At first I thought the builtin inititiative Enable allLogs category group resource logging for supported resources to Log Analytics (0884adba-2312-4468-abeb-5422caed1038) is the complete initiative for all diagnostic logging on all resource types, but it is not. Is it a goal for this initiative to be complete in that respect? Or should I create my own initiative with policies that I miss The initiative lacks policies for web applications, function apps and storage accounts, for instance. |
Beta Was this translation helpful? Give feedback.
-
The new All Logs policy do not configure any METRICS and there is no built in policy for configuring additional metrics. Problem is that metrics are required for proper defender / threat analysis. Any suggestions on how to tackle? MORE INFO:Screenshot on the KeyVault policy to enable "AllLogs" (you can see the empty Metrics) For Dutch public sector there is a Built In BIO policy urging to enable metric logging on several resources : And a blog post with a recommendation to enable metrics on storage, eventhub, keyvault, apps and networking |
Beta Was this translation helpful? Give feedback.
-
Diagnostic Settings have had a lot of attention here in ALZ land, but with the transition to using the new built-in initiatives and policies, there may be some gaps. This is the place to share those gaps, with people that can potentially drive improvements regularly reviewing.
If you find a service not covered, please added it to this discussion thread so we can track it.
Beta Was this translation helpful? Give feedback.
All reactions