last sync: 2020-Sep-25 13:37:27 UTC

Azure Policy

The Log Analytics agent should be installed on Virtual Machine Scale Sets

Policy DisplayName The Log Analytics agent should be installed on Virtual Machine Scale Sets
Policy Id efbde977-ba53-4479-b8e9-10b957924fbf
Policy Category Monitoring
Policy Description This policy audits any Windows/Linux Virtual Machine Scale Sets if the Log Analytics agent is not installed.
Policy Mode Indexed
Policy Type BuiltIn
Policy in Preview FALSE
Policy Deprecated FALSE
Policy Effect Default: AuditIfNotExists
Allowed: (AuditIfNotExists,Disabled)
Roles used none
Policy Changes
Date/Time (UTC ymd) (i) Change Change detail
2019-10-11 00:02:54 add: Policy efbde977-ba53-4479-b8e9-10b957924fbf
Used in Policy Initiative(s)
Initiative DisplayName Initiative Id
[Preview]: NIST SP 800-171 R2 03055927-78bd-4236-86c0-f36125a10dc9
[Preview]: Azure Security Benchmark 42a694ed-f65e-42b2-aa9e-8052e9740a92
[Deprecated]: DOD Impact Level 4 8d792a84-723c-4d92-a3c3-e4ed16a2d133
HITRUST/HIPAA a169a624-5599-4385-a696-c8d643089fab
Policy Rule
{
  "properties": {
    "displayName": "The Log Analytics agent should be installed on Virtual Machine Scale Sets",
    "policyType": "BuiltIn",
    "mode": "Indexed",
    "description": "This policy audits any Windows/Linux Virtual Machine Scale Sets if the Log Analytics agent is not installed.",
    "metadata": {
      "version": "1.0.0",
      "category": "Monitoring"
    },
    "parameters": {
      "effect": {
        "type": "String",
        "metadata": {
          "displayName": "Effect",
          "description": "Enable or disable the execution of the policy"
        },
        "allowedValues": [
          "AuditIfNotExists",
          "Disabled"
        ],
        "defaultValue": "AuditIfNotExists"
      }
    },
    "policyRule": {
      "if": {
        "field": "type",
        "equals": "Microsoft.Compute/virtualMachineScaleSets"
      },
      "then": {
      "effect": "[parameters('effect')]",
        "details": {
          "type": "Microsoft.Compute/virtualMachineScaleSets/extensions",
          "existenceCondition": {
            "allOf": [
              {
                "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/publisher",
                "equals": "Microsoft.EnterpriseCloud.Monitoring"
              },
              {
                "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/type",
                "in": [
                  "MicrosoftMonitoringAgent",
                  "OmsAgentForLinux"
                ]
              },
              {
                "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/provisioningState",
                "equals": "Succeeded"
              },
              {
                "field": "Microsoft.Compute/virtualMachineScaleSets/extensions/settings.workspaceId",
                "exists": "true"
              }
            ]
          }
        }
      }
    }
  },
  "id": "/providers/Microsoft.Authorization/policyDefinitions/efbde977-ba53-4479-b8e9-10b957924fbf",
  "type": "Microsoft.Authorization/policyDefinitions",
  "name": "efbde977-ba53-4479-b8e9-10b957924fbf"
}