Intelligent Assessment: Natural language Guardrails powered by AI →
Turbot Guardrails Hub 
Hub
Mods
Azure
41
Mods
165
Resource Types
2,354
Policies
1,189
Controls
103
Quick Actions
95
IAM

Policy: Azure > CIS v2.0 > 05 - Logging and Monitoring > 5.01 - Configuring Diagnostic Settings > 5.01.01 - Ensure that a 'Diagnostic Setting' exists

Configures auditing against a CIS Benchmark item.

Level: 1

Enable Diagnostic settings for exporting activity logs. Diagnostic settings are available for each individual resource within a subscription. Settings should be configured for all appropriate resources for your environment.

A diagnostic setting controls how a diagnostic log is exported. By default, logs are retained only for 90 days. Diagnostic settings should be defined so that logs can be exported and stored for a longer duration in order to analyze security activities within an Azure subscription.

Targets

This policy targets the following resource types:

Primary Policy

This policy is used with the following primary policy:

Policy Specification

Schema Type
string
Default
Per Azure > CIS v2.0 > 05 - Logging and Monitoring
Valid Values [YAML]
  • Per Azure > CIS v2.0 > 05 - Logging and Monitoring

  • Skip

  • Check: Benchmark using attestation

Category

In Your Workspace

Developers