This policy definition is deprecated because OMS Agent was deprecated on August 31, 2024. While there is not a specific replacement policy, we have various policies available based on the VM setup that can be found under Azure Monitor Agent/DCRA Linux. Learn more about policy definition deprecation at aka.ms/policydefdeprecation.
The following 9 compliance controls are associated with this Policy definition '[Deprecated]: Log Analytics Extension should be enabled for listed virtual machine images' (32133ab0-ee4b-4b44-98d6-042180979d50)
Implement Mechanisms to Detect Anomalous Activities in ICT Systems
Shared
n/a
Establish mechanisms to detect anomalous activities within information and communication technology (ICT) systems, including network performance issues and ICT-related incidents. Additionally, identify potential material single points of failure to enhance overall system resilience and response capabilities.
Establish Multi-Layered Detection Mechanisms for ICT Incidents
Shared
n/a
Implement detection mechanisms that provide multiple layers of control, defining alert thresholds and criteria to trigger information and communication technology (ICT) related incident response processes. This includes automated alert mechanisms to notify resources managing ICT-related incidents.
Establish Procedures for Managing the Security of System Operations
Shared
n/a
Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions.
Establish Protective Measures for Administrator Privileges and Security Configurations
Shared
n/a
Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations.
Establish Procedures for Managing Internal and External Intrusion Attempts
Shared
n/a
Establish procedures for detecting, analyzing, sharing, and effectively responding to internal and external intrusion attempts to prevent personal information leakage. Additionally, implement a framework for collaboration with relevant external agencies and experts.
Establish Procedures to Respond and Recover from Incidents
Shared
n/a
Establish procedures to respond and recover from incidents in a timely manner, including legal obligations for disclosing information. Additional procedures must be established and implemented to prevent recurrence.
Maintain Logs and Establish Log Management Procedures
Shared
n/a
Maintain log records for servers, applications, security systems, and networks. Define log types, access permissions, retention periods, and storage methods to ensure secure retention and prevent forgery, alteration, theft, and loss.