Control: Azure > CIS v4.0 > 07 - Management and Governance > 07.01 - Logging and Monitoring > 07.01.01 - Configuring Diagnostic Settings > 07.01.01.08 - Ensure that a Microsoft Entra diagnostic setting exists to send Microsoft Graph activity logs to an appropriate destination

Configures auditing against a CIS Benchmark item.

Level: 2

Ensure that a Microsoft Entra diagnostic setting is configured to send Microsoft Graph activity logs to a suitable destination, such as a Log Analytics workspace, storage account, or event hub. This enables centralized monitoring and analysis of all HTTP requests that the Microsoft Graph service receives and processes for a tenant.

Microsoft Graph activity logs provide visibility into HTTP requests made to the Microsoft Graph service, helping detect unauthorized access, suspicious activity, and security threats. Configuring diagnostic settings in Microsoft Entra ensures these logs arecollected and sent to an appropriate destination for monitoring, analysis, and retention.