last sync: 2022-Dec-02 17:43:06 UTC

Azure Policy definition

Deploy export to Log Analytics workspace for Microsoft Defender for Cloud data

Name Deploy export to Log Analytics workspace for Microsoft Defender for Cloud data
Azure Portal
Id ffb6f416-7bd2-4488-8828-56585fef2be9
Version 4.1.0
details on versioning
Category Security Center
Microsoft docs
Description Enable export to Log Analytics workspace of Microsoft Defender for Cloud data. This policy deploys an export to Log Analytics workspace configuration with your conditions and target workspace on the assigned scope. To deploy this policy on newly created subscriptions, open the Compliance tab, select the relevant non-compliant assignment and create a remediation task.
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Fixed
deployIfNotExists
RBAC
Role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule
Aliases
THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Security/automations/isEnabled Microsoft.Security automations properties.isEnabled false
Microsoft.Security/automations/sources[*] Microsoft.Security automations properties.sources[*] false
Microsoft.Security/automations/sources[*].eventSource Microsoft.Security automations properties.sources[*].eventSource false
Rule
ResourceTypes
IF (1)
Microsoft.Resources/subscriptions
THEN-Deployment (4)
Microsoft.Resources/deployments
Microsoft.Resources/resourceGroups
Microsoft.Security/assessments
Microsoft.Security/automations
Compliance Not a Compliance control
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-07-08 16:32:07 change Minor (4.0.1 > 4.1.0)
2022-06-24 19:15:47 change Patch (4.0.0 > 4.0.1) *changes on text case sensitivity are not tracked
2021-07-30 15:17:20 change Major (3.0.0 > 4.0.0)
2021-02-03 15:09:01 change Major (2.0.0 > 3.0.0)
2020-12-11 15:42:52 change Major (1.0.0 > 2.0.0)
2020-05-29 15:39:09 add ffb6f416-7bd2-4488-8828-56585fef2be9
Initiatives
usage
Initiative DisplayName Initiative Id Initiative Category State Type
Deploy Microsoft Defender for Cloud configuration Deploy-MDFC-Config Security Center GA ALZ
JSON
changes

JSON