Policy: Azure > CIS v5.0 > 6 - Management and Governance Services > 6.01 - Logging and Monitoring > 6.01.01 - Configuring Diagnostic Settings > 6.01.01.09 - Ensure that a Microsoft Entra diagnostic setting exists to send Microsoft Entra activity logs to an appropriate destination
Configures auditing against a CIS Benchmark item.
Level: 1
Ensure that Microsoft Entra ID activity logs (audit logs and sign-in logs) are integrated with Azure Monitor for centralized logging and analysis.
Microsoft Entra ID activity logs provide visibility into user sign-ins, application usage, and changes to directory objects. These logs are essential for security monitoring, compliance reporting, and incident response. Integrating them with Azure Monitor enables long-term retention and advanced analytics.
Targets
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Related Policies
Controls
Setting this policy configures this control:
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/cis
- tmod:@turbot/azure-cisv5-0#/policy/types/r06010109
- turbot graphql policy-type --id "tmod:@turbot/azure-cisv5-0#/policy/types/r06010109"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-cisv5-0#/policy/types/r06010109"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI