Turbot Guardrails Hub 
Hub
  • Mods
  • Policy Packs
  • Docs
  • Home
ModsPolicy PacksDocsHome
Mods
Azure
Loading controls...

Control: Azure > CIS v4.0 > 07 - Management and Governance > 07.01 - Logging and Monitoring > 07.01.01 - Configuring Diagnostic Settings > 07.01.01.05 - Ensure that Network Security Group Flow logs are captured and sent to Log Analytics

Configures auditing against a CIS Benchmark item.

Level: 2

Ensure that network flow logs are captured and fed into a central log analytics workspace.

RETIREMENT NOTICE: On September 30, 2027, network security group (NSG) flow logs will be retired. Starting June 30, 2025, it will no longer be possible to create new NSG flow logs. Azure recommends migrating to virtual network flow logs. For virtual network flow logs, consider applying the recommendation Ensure that virtual network flow logs are captured and sent to Log Analytics in this section.

Network Flow Logs provide valuable insight into the flow of traffic around your network and feed into both Azure Monitor and Azure Sentinel (if in use), permitting the generation of visual flow diagrams to aid with analyzing for lateral movement, etc.

Resource Types

This control targets the following resource types:

  • Azure > Network Watcher > Flow Log

Policies

This control type relies on these other policies when running actions:

  • Azure > CIS v4.0 > 07 - Management and Governance > 07.01 - Logging and Monitoring > 07.01.01 - Configuring Diagnostic Settings > 07.01.01.05 - Ensure that Network Security Group Flow logs are captured and sent to Log Analytics
  • Azure > CIS v4.0
  • Azure > CIS v4.0 > 07 - Management and Governance

Category

  • CIS > Controls v7 > 12 Boundary Defense > 12.08 Deploy NetFlow Collection on Networking Boundary Devices

In Your Workspace

  • Controls by Resource report
  • Controls by Control Type report

Developers

    Control Type URI
    • tmod:@turbot/azure-cisv4-0#/control/types/r07010105
    • Category URI
    • tmod:@turbot/cis#/control/categories/v071208
    • GraphQL
    • query controlType(id: "tmod:@turbot/azure-cisv4-0#/control/types/r07010105") { … }
    • query controls(filter: "controlTypeId:'tmod:@turbot/azure-cisv4-0#/control/types/r07010105'") { … }
    • CLI
    • Get Controls
    • turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv4-0#/control/types/r07010105"
Guardrails
Guardrails Hub
  • Hub
  • Docs
  • Blog
  • Changelog
Products
  • GuardrailsGuardrails
  • PipesPipes
  • SteampipeSteampipe
  • PowerpipePowerpipe
  • FlowpipeFlowpipe
  • TailpipeTailpipe
Turbot
  • Home
  • About us
  • We're hiring!
  • Contact us
Community

Our community of practitioners love to discuss cloud governance & security.

Slack logoJoin us on Slack →

System StatusLegalSecurity
Terms of UseSecurityPrivacy
50
Mods
207
Resource Types
3,612
Policies
1,957
Controls
103
Quick Actions
114
IAM