Log profile is not capturing all activities

ID

azure_log_profile_all_activities

Severity

low

Vendor

Azure

Resource

Logging

Tags

non-reachable

Description

The log profile is not capturing all activity categories. Enable every category so the activity log records who has written, deleted, or performed an action.

To do so, configure `categories` with Write, Delete and Action.

Learn more about this topic at Azure Monitor profile categories.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Create a log profile
      azure_rm_monitorlogprofile:
        name: myProfile
        location: eastus
        locations:
          - eastus
          - westus
        categories:  # Delete is missing, so this profile is flagged
          - Write
          - Action
        retention_policy:
          enabled: False
          days: 1
        storage_account:
          resource_group: myResourceGroup
          name: myStorageAccount
      register: output

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Create a log profile
      azure_rm_monitorlogprofile:
        name: myProfile
        location: eastus
        locations:
          - eastus
          - westus
        categories:  # all three categories are captured
          - Write
          - Action
          - Delete
        retention_policy:
          enabled: False
          days: 1
        storage_account:
          resource_group: myResourceGroup
          name: myStorageAccount
      register: output
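
The check this rule describes can be run over a parsed playbook before it is applied. The following is an added example, not code from the rule's vendor: the function names and the sample data are constructed for illustration, and the fully qualified module name assumes the `azure.azcollection` collection. It goes beyond the flat task list shown above by also descending into `block`/`rescue`/`always` sections and `pre_tasks`/`post_tasks`/`handlers`.

```python
"""Flag azure_rm_monitorlogprofile tasks whose categories omit Write, Delete or Action."""
REQUIRED = {"Write", "Delete", "Action"}
# Short module name as used on this page; the FQCN form assumes azure.azcollection.
MODULES = {"azure_rm_monitorlogprofile", "azure.azcollection.azure_rm_monitorlogprofile"}
TASK_LISTS = ("pre_tasks", "tasks", "post_tasks", "handlers")
NESTED = ("block", "rescue", "always")

def _walk(tasks):
    """Yield every task dict, descending into block/rescue/always sections."""
    for task in tasks or []:
        if isinstance(task, dict):
            yield task
            for key in NESTED:
                yield from _walk(task.get(key))

def find_incomplete_log_profiles(playbook):
    """Return (task name, sorted missing categories) for each offending task."""
    findings = []
    for play in playbook or []:
        for section in TASK_LISTS:
            for task in _walk(play.get(section)):
                for module in MODULES & task.keys():
                    args = task[module]
                    if not isinstance(args, dict) or args.get("state") == "absent":
                        continue  # free-form args or a profile being deleted
                    # Assumption: an absent categories list captures nothing.
                    missing = REQUIRED - set(args.get("categories") or [])
                    if missing:
                        findings.append((task.get("name", "<unnamed>"), sorted(missing)))
    return findings

def check_file(path):
    """Load a playbook from disk and check it; needs PyYAML (assumed installed)."""
    import yaml
    with open(path) as handle:
        return find_incomplete_log_profiles(yaml.safe_load(handle))

# Constructed sample: this page's two tasks plus a nested one, as safe_load returns them.
_BASE = {"name": "myProfile", "location": "eastus", "locations": ["eastus", "westus"]}
SAMPLE = [{"name": "Example playbook", "hosts": "localhost", "tasks": [
    {"name": "flagged", "azure_rm_monitorlogprofile": {**_BASE, "categories": ["Write", "Action"]}},
    {"name": "fixed", "azure_rm_monitorlogprofile":
        {**_BASE, "categories": ["Write", "Action", "Delete"]}},
    {"name": "wrapper", "block": [
        {"name": "nested", "azure_rm_monitorlogprofile": {"name": "otherProfile"}}]},
]}]

if __name__ == "__main__":
    for name, missing in find_incomplete_log_profiles(SAMPLE):
        print(f"{name}: missing {', '.join(missing)}")
```

A non-empty result is suitable as a failing condition in a pre-merge check on playbook changes.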