last sync: 2022-Jun-28 16:32:57 UTC

Azure Policy definition

Deploy export to Log Analytics workspace for Microsoft Defender for Cloud data

Name Deploy export to Log Analytics workspace for Microsoft Defender for Cloud data
Azure Portal
Id ffb6f416-7bd2-4488-8828-56585fef2be9
Version 4.0.1
details on versioning
Category Security Center
Microsoft docs
Description Enable export to Log Analytics workspace of Microsoft Defender for Cloud data. This policy deploys an export to Log Analytics workspace configuration with your conditions and target workspace on the assigned scope. To deploy this policy on newly created subscriptions, open the Compliance tab, select the relevant non-compliant assignment and create a remediation task.
Mode All
Type BuiltIn
Preview FALSE
Deprecated FALSE
Effect Fixed: deployIfNotExists
Used RBAC Role
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule Aliases THEN-ExistenceCondition (3)
Alias Namespace ResourceType DefaultPath Modifiable
Microsoft.Security/automations/isEnabled Microsoft.Security automations properties.isEnabled false
Microsoft.Security/automations/sources[*] Microsoft.Security automations properties.sources[*] false
Microsoft.Security/automations/sources[*].eventSource Microsoft.Security automations properties.sources[*].eventSource false
Rule ResourceTypes IF (1)
THEN-Deployment (4)
Date/Time (UTC ymd) (i) Change type Change detail
2022-06-24 19:15:47 change Patch (4.0.0 > 4.0.1) *changes on text case sensitivity are not tracked
2021-07-30 15:17:20 change Major (3.0.0 > 4.0.0)
2021-02-03 15:09:01 change Major (2.0.0 > 3.0.0)
2020-12-11 15:42:52 change Major (1.0.0 > 2.0.0)
2020-05-29 15:39:09 add ffb6f416-7bd2-4488-8828-56585fef2be9
Used in Initiatives
Initiative DisplayName Initiative Id Initiative Category State Type
Deploy Microsoft Defender for Cloud configuration Deploy-MDFC-Config Security Center GA ALZ
JSON Changes