Control: Azure > CIS v3.0 > 06 - Logging & Monitoring > 06.01 - Configuring Diagnostic Settings > 06.01.05 - Ensure that Network Security Group Flow logs are captured and sent to Log Analytics

Configures auditing against a CIS Benchmark item.

Level: 2

Ensure that network flow logs are captured and fed into a central log analytics workspace.

Network Flow Logs provide valuable insight into the flow of traffic around your network and feed into both Azure Monitor and Azure Sentinel (if in use), permitting the generation of visual flow diagrams to aid with analyzing for lateral movement, etc.

Resource Types

This control targets the following resource types:

Azure > Network Watcher > Flow Log

Policies

This control type relies on these other policies when running actions:

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-cisv3-0#/control/types/r060105

Category URI

tmod:@turbot/cis#/control/categories/v071208

GraphQL

query controlType(id: "tmod:@turbot/azure-cisv3-0#/control/types/r060105") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-cisv3-0#/control/types/r060105'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv3-0#/control/types/r060105"