AzPolicyAdvertizer

last sync: 2021-Aug-04 14:59:26 UTC

Azure Policy definition

Network Watcher flow logs should have traffic analytics enabled

Name Network Watcher flow logs should have traffic analytics enabled
Azure Portal

Id 2f080164-9f4d-497e-9db6-416dc9f7b48a

Version 1.0.0
details on versioning

Category Network
Microsoft docs

Description Traffic analytics analyzes Network Watcher network security group flow logs to provide insights into traffic flow in your Azure cloud. It can be used to visualize network activity across your Azure subscriptions and identify hot spots, identify security threats, understand traffic flow patterns, pinpoint network misconfigurations and more.

Mode Indexed

Type BuiltIn

Preview FALSE

Deprecated FALSE

Effect Default: Audit
Allowed: (Audit, Disabled)

Used RBAC Role none

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2021-05-18 14:34:48	add	2f080164-9f4d-497e-9db6-416dc9f7b48a

Used in Initiatives none

JSON

{
  "properties": {
    "displayName": "Network Watcher flow logs should have traffic analytics enabled",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "Traffic analytics analyzes Network Watcher network security group flow logs to provide insights into traffic flow in your Azure cloud. It can be used to visualize network activity across your Azure subscriptions and identify hot spots, identify security threats, understand traffic flow patterns, pinpoint network misconfigurations and more.",
    "metadata": {
      "version": "1.0.0",
      "category": "Network"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "Audit",
          "Disabled"
        ],
        "defaultValue": "Audit"
      }
    },
    "policyRule": {
      "if": {
        "allof": [
          {
            "field": "type",
            "equals": "Microsoft.Network/networkWatchers/flowLogs"
          },
          {
            "anyof": [
              {
                "field": "Microsoft.Network/networkWatchers/flowLogs/flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.enabled",
                "equals": false
              },
              {
                "field": "Microsoft.Network/networkWatchers/flowLogs/flowAnalyticsConfiguration.networkWatcherFlowAnalyticsConfiguration.trafficAnalyticsInterval",
                "notin": [
                  "10",
                  "60"
                ]
              }
            ]
          }
        ]
      },
      "then": {
      "effect": "[parameters('effect')]"
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/2f080164-9f4d-497e-9db6-416dc9f7b48a",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "2f080164-9f4d-497e-9db6-416dc9f7b48a"
}