| Source | Azure Portal | ||
| Display name | Microsoft Managed Control 1124 - Audit Reduction And Report Generation | ||
| Id | c10152dd-78f8-4335-ae2d-ad92cc028da4 | ||
| Version | 1.0.0 Details on versioning |
||
| Category | Regulatory Compliance Microsoft Learn |
||
| Description | Microsoft implements this Audit and Accountability control | ||
| Additional metadata |
Name/Id: ACF1124 / Microsoft Managed Control 1124 Category: Audit and Accountability Title: Audit Reduction And Report Generation - Review Capabilities Ownership: Customer, Microsoft Description: The information system provides an audit reduction and report generation capability that: Supports on-demand audit review, analysis, and reporting requirements and after-the-fact investigations of security incidents; and Requirements: Azure service teams deploy Geneva Monitoring and SCUBA as part of environment-wide monitoring solutions. Geneva Monitoring and SCUBA digest large amounts of log data into human-readable alerting and reports. All events are logged and available for human review as needed, but all events are reviewed automatically and known good activity is filtered out from alerting on an ongoing basis. Events that meet detection criteria, such as those that could indicate attacks or misuse, are automatically flagged and escalated as alerts in S360 or work items in IcM or DevOps. These are sent directly to Azure service teams for clarification and feedback or escalated within the Security Response Team for incident management. |
||
| Mode | Indexed | ||
| Type | Static | ||
| Preview | False | ||
| Deprecated | False | ||
| Effect | Fixed audit |
||
| RBAC role(s) | none | ||
| Rule aliases | none | ||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||
| Compliance | Not a Compliance control | ||
| Initiatives usage | none | ||
| History | none | ||
| JSON compare | n/a | ||
| JSON |
|