last sync: 2022-Dec-02 17:43:06 UTC

Azure Policy definition

Deploy export to Event Hub for Microsoft Defender for Cloud data

Name Deploy export to Event Hub for Microsoft Defender for Cloud data
Azure Portal
Id cdfcce10-4578-4ecd-9703-530938e4abcb
Version 4.1.0
details on versioning
Category Security Center
Microsoft docs
Description Enable export to Event Hub of Microsoft Defender for Cloud data. This policy deploys an export to Event Hub configuration with your conditions and target Event Hub on the assigned scope. To deploy this policy on newly created subscriptions, open the Compliance tab, select the relevant non-compliant assignment and create a remediation task.
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Fixed
deployIfNotExists
RBAC
Role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule
Aliases
THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Security/automations/isEnabled Microsoft.Security automations properties.isEnabled false
Microsoft.Security/automations/sources[*] Microsoft.Security automations properties.sources[*] false
Microsoft.Security/automations/sources[*].eventSource Microsoft.Security automations properties.sources[*].eventSource false
Rule
ResourceTypes
IF (1)
Microsoft.Resources/subscriptions
THEN-Deployment (4)
Microsoft.Resources/deployments
Microsoft.Resources/resourceGroups
Microsoft.Security/assessments
Microsoft.Security/automations
Compliance Not a Compliance control
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-08 16:32:07 change Minor (4.0.1 > 4.1.0)
2022-06-24 19:15:47 change Patch (4.0.0 > 4.0.1) *changes on text case sensitivity are not tracked
2021-07-30 15:17:20 change Major (3.0.0 > 4.0.0)
2021-02-03 15:09:01 change Major (2.0.0 > 3.0.0)
2020-12-11 15:42:52 change Major (1.0.0 > 2.0.0)
2020-05-29 15:39:09 add cdfcce10-4578-4ecd-9703-530938e4abcb
Initiatives
usage
none
JSON
changes

JSON