Control: Azure > CIS v5.0 > 6 - Management and Governance Services > 6.01 - Logging and Monitoring > 6.01.01 - Configuring Diagnostic Settings > 6.01.01.09 - Ensure that a Microsoft Entra diagnostic setting exists to send Microsoft Entra activity logs to an appropriate destination
Configures auditing against a CIS Benchmark item.
Level: 2
Ensure that Microsoft Entra ID activity logs (audit logs and sign-in logs) are integrated with Azure Monitor for centralized logging and analysis.
Microsoft Entra ID activity logs provide visibility into user sign-ins, application usage, and changes to directory objects. These logs are essential for security monitoring, compliance reporting, and incident response. Integrating them with Azure Monitor enables long-term retention and advanced analytics.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- Azure > CIS v5.0 > Maximum Attestation Duration
- Azure > CIS v5.0 > 6 - Management and Governance Services > 6.01 - Logging and Monitoring > 6.01.01 - Configuring Diagnostic Settings > 6.01.01.09 - Ensure that a Microsoft Entra diagnostic setting exists to send Microsoft Entra activity logs to an appropriate destination > Attestation
- Azure > CIS v5.0
- Azure > CIS v5.0 > 6 - Management and Governance Services > 6.01 - Logging and Monitoring > 6.01.01 - Configuring Diagnostic Settings > 6.01.01.09 - Ensure that a Microsoft Entra diagnostic setting exists to send Microsoft Entra activity logs to an appropriate destination
- Azure > CIS v5.0 > 6 - Management and Governance Services
- Azure > CIS v5.0 > 6 - Management and Governance Services > Maximum Attestation Duration
Category
In Your Workspace
Developers
- tmod:@turbot/azure-cisv5-0#/control/types/r06010109
- tmod:@turbot/cis#/control/categories/v070603
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv5-0#/control/types/r06010109"
Get Controls
Control Type URI
Category URI
GraphQL
CLI