Resource Type: Azure > Monitor > Log Profile

Resource Context

Log Profile is a part of the Monitor service.

Each Log Profile lives under a Subscription.

Controls

The primary controls for Azure > Monitor > Log Profile are:

• Active
• Approved
• CMDB
• Discovery
• ServiceNow

It is also targeted by these controls:

• Azure > CIS v1 > 5 Logging and Monitoring > 5.1 Configuring Log Profile > 5.1.2 Ensure that Activity Log Retention is set 365 days or greater (Scored)
• Azure > CIS v1 > 5 Logging and Monitoring > 5.1 Configuring Log Profile > 5.1.3 Ensure audit profile captures all the activities (Scored)
• Azure > CIS v1 > 5 Logging and Monitoring > 5.1 Configuring Log Profile > 5.1.4 Ensure the log profile captures activity logs for all regions including global (Scored)
• Azure > CIS v1 > 5 Logging and Monitoring > 5.1 Configuring Log Profile > 5.1.5 Ensure the storage container storing the activity logs is not publicly accessible (Scored)
• Azure > CIS v1 > 5 Logging and Monitoring > 5.1 Configuring Log Profile > 5.1.6 Ensure the storage account containing the container with activity logs is encrypted with BYOK (Use Your Own Key) (Scored)
• Azure > CIS v2.0 > 05 - Logging and Monitoring > 5.01 - Configuring Diagnostic Settings > 5.01.03 - Ensure the Storage Container Storing the Activity Logs is not Publicly Accessible
• Azure > CIS v2.0 > 05 - Logging and Monitoring > 5.01 - Configuring Diagnostic Settings > 5.01.04 - Ensure the storage account containing the container with activity logs is encrypted with Customer Managed Key

Category

• Management Tools

In Your Workspace

• Controls by Resource Type report
• Policy Settings by Resource Type report
• Resources by Resource Type report

Developers

Resource Type URI

tmod:@turbot/azure-monitor#/resource/types/logProfile

Category URI

tmod:@turbot/turbot#/resource/categories/managementTools

GraphQL

query resource(id: "tmod:@turbot/azure-monitor#/resource/types/logProfile") { … }

query resourceActivities(filter: "resourceId:'tmod:@turbot/azure-monitor#/resource/types/logProfile'") { … }

mutation createResource(input: { … })

mutation updateResource(input: { … })

CLI

Get Resource

turbot graphql resource --id "tmod:@turbot/azure-monitor#/resource/types/logProfile"

Steampipe Query

Get Resource

select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/azure-monitor#/resource/types/logProfile';

Get Policy Settings (By Resource ID)

select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/azure-monitor#/resource/types/logProfile"';

Get Resource Notification

select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/azure-monitor#/resource/types/logProfile' and notification_type in ('resource_updated', 'resource_created');