AzInitiativeAdvertizer

last sync: 2023-Sep-29 17:58:50 UTC

Azure Policy Initiative (PolicySet)

Enable audit category group resource logging for supported resources to Event Hub

Source Azure Portal
Display nameEnable audit category group resource logging for supported resources to Event Hub
Id1020d527-2764-4230-92cc-7035e4fcf8a7
Version1.0.0
details on versioning
CategoryMonitoring
Microsoft docs
DescriptionResource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the audit category group to route logs to Event Hub for all supported resources
TypeBuiltIn
DeprecatedFalse
PreviewFalse
Policy count Total Policies: 33
Builtin Policies: 33
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State
Enable logging by category group for API Management services (microsoft.apimanagement/service) to Event Hub 3a8ff864-d881-44ce-bed3-0c63ede634cb Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for App Configuration (microsoft.appconfiguration/configurationstores) to Event Hub 8d0726a6-abae-4b04-9d2e-1f2f67a47e6d Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Attestation providers (microsoft.attestation/attestationproviders) to Event Hub e488a548-7afd-43a7-a903-2a6dd36e7504 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Automation Accounts (microsoft.automation/automationaccounts) to Event Hub d9f11fea-dd45-46aa-8908-b7a146f1e543 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for AVS Private clouds (microsoft.avs/privateclouds) to Event Hub 73fb42d8-b57f-41cd-a840-8f4dedb1dd27 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Azure Cache for Redis (microsoft.cache/redis) to Event Hub a142867f-3142-4ac6-b952-ab950a29fca5 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Event Hub a9ebdeda-251a-4311-92be-5167d73b1682 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Azure Machine Learning (microsoft.machinelearningservices/workspaces) to Event Hub ae48c709-d2b4-4fad-8c5c-838524130aa4 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Bastions (microsoft.network/bastionhosts) to Event Hub 6b2899d8-5fdf-4ade-ba59-f1f82664877b Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Cognitive Services (microsoft.cognitiveservices/accounts) to Event Hub 0628b917-d4b4-4af5-bc2b-b4f87cd173ab Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Container registries (microsoft.containerregistry/registries) to Event Hub 9ba29e83-863d-4fec-81d0-16dd87067cc3 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Event Grid Domains (microsoft.eventgrid/domains) to Event Hub a81eb966-6696-46b1-9153-bed01569a7d0 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Event Grid Partner Namespaces (microsoft.eventgrid/partnernamespaces) to Event Hub f6d5d5d5-0fa9-4257-b820-69c35016c973 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Event Grid Topics (microsoft.eventgrid/topics) to Event Hub f5094957-e0f7-4af2-9e14-13d60141dc4a Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Event Hubs Namespaces (microsoft.eventhub/namespaces) to Event Hub 480851ae-9ff3-49d1-904c-b5bd6f83f1ec Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Front Door and CDN profiles (microsoft.cdn/profiles) to Event Hub 76539a09-021e-4300-953b-4c6018ac26dc Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Front Door and CDN profiles (microsoft.network/frontdoors) to Event Hub eb5a4c26-04cb-4ab1-81cb-726dc58df772 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for IoT Hub (microsoft.devices/iothubs) to Event Hub dfbfceaa-14b2-4a90-a679-d169fa6a6a38 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Event Hub 71153be3-4742-4aae-9aec-150f7589311b Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Log Analytics workspaces (microsoft.operationalinsights/workspaces) to Event Hub a853abad-dfa4-4bf5-aaa1-04cb10c02d23 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Event Hub 1abe42e1-a726-4dee-94c2-79f364dac9b7 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Media Services (microsoft.media/mediaservices) to Event Hub 8d253bba-a338-4fd9-9752-6b6edadca1eb Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Microsoft Purview accounts (microsoft.purview/accounts) to Event Hub 6b4b3d79-2eeb-4612-b3d1-99ef609ffa4e Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for microsoft.network/p2svpngateways to Event Hub b9b976cc-59ef-468a-807e-19afa2ebfd52 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Public IP addresses (microsoft.network/publicipaddresses) to Event Hub fc602c00-2ce3-4556-b615-fa4159517103 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Service Bus Namespaces (microsoft.servicebus/namespaces) to Event Hub e7c86682-34c1-488a-9aab-9cb279207992 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for SignalR (microsoft.signalrservice/signalr) to Event Hub fc744b31-a930-4eb5-bc06-e81f98bf7214 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for SQL databases (microsoft.sql/servers/databases) to Event Hub 9e6aee71-3781-4acd-bba7-aac4fb067dfa Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for SQL managed instances (microsoft.sql/managedinstances) to Event Hub 5f6f2aba-e57f-42ed-9aeb-ffa7321a56db Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Video Analyzers (microsoft.media/videoanalyzers) to Event Hub 792f8b74-dc05-44fd-b90d-340a097b80e6 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Virtual network gateways (microsoft.network/virtualnetworkgateways) to Event Hub 6ccd32f6-0a9a-40cf-9c5b-6cfd6aba33e9 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Volumes (microsoft.netapp/netappaccounts/capacitypools/volumes) to Event Hub a285df35-0164-4f4d-9e04-c39056742c55 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Enable logging by category group for Web PubSub Service (microsoft.signalrservice/webpubsub) to Event Hub 3d034ef2-001c-46f6-a47b-e6e4a74ff89b Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 2 Azure Event Hubs Data Owner, Log Analytics Contributor GA
Roles used Total Roles usage: 66
Total Roles unique usage: 2
Role Role Id Policies count Policies
Log Analytics Contributor 92aaf0da-9dab-42b6-94a3-d43ce8d16293 33 Enable logging by category group for API Management services (microsoft.apimanagement/service) to Event Hub, Enable logging by category group for App Configuration (microsoft.appconfiguration/configurationstores) to Event Hub, Enable logging by category group for Attestation providers (microsoft.attestation/attestationproviders) to Event Hub, Enable logging by category group for Automation Accounts (microsoft.automation/automationaccounts) to Event Hub, Enable logging by category group for AVS Private clouds (microsoft.avs/privateclouds) to Event Hub, Enable logging by category group for Azure Cache for Redis (microsoft.cache/redis) to Event Hub, Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Event Hub, Enable logging by category group for Azure Machine Learning (microsoft.machinelearningservices/workspaces) to Event Hub, Enable logging by category group for Bastions (microsoft.network/bastionhosts) to Event Hub, Enable logging by category group for Cognitive Services (microsoft.cognitiveservices/accounts) to Event Hub, Enable logging by category group for Container registries (microsoft.containerregistry/registries) to Event Hub, Enable logging by category group for Event Grid Domains (microsoft.eventgrid/domains) to Event Hub, Enable logging by category group for Event Grid Partner Namespaces (microsoft.eventgrid/partnernamespaces) to Event Hub, Enable logging by category group for Event Grid Topics (microsoft.eventgrid/topics) to Event Hub, Enable logging by category group for Event Hubs Namespaces (microsoft.eventhub/namespaces) to Event Hub, Enable logging by category group for Front Door and CDN profiles (microsoft.cdn/profiles) to Event Hub, Enable logging by category group for Front Door and CDN profiles (microsoft.network/frontdoors) to Event Hub, Enable logging by category group for IoT Hub (microsoft.devices/iothubs) to Event Hub, Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Event Hub, Enable logging by category group for Log Analytics workspaces (microsoft.operationalinsights/workspaces) to Event Hub, Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Event Hub, Enable logging by category group for Media Services (microsoft.media/mediaservices) to Event Hub, Enable logging by category group for Microsoft Purview accounts (microsoft.purview/accounts) to Event Hub, Enable logging by category group for microsoft.network/p2svpngateways to Event Hub, Enable logging by category group for Public IP addresses (microsoft.network/publicipaddresses) to Event Hub, Enable logging by category group for Service Bus Namespaces (microsoft.servicebus/namespaces) to Event Hub, Enable logging by category group for SignalR (microsoft.signalrservice/signalr) to Event Hub, Enable logging by category group for SQL databases (microsoft.sql/servers/databases) to Event Hub, Enable logging by category group for SQL managed instances (microsoft.sql/managedinstances) to Event Hub, Enable logging by category group for Video Analyzers (microsoft.media/videoanalyzers) to Event Hub, Enable logging by category group for Virtual network gateways (microsoft.network/virtualnetworkgateways) to Event Hub, Enable logging by category group for Volumes (microsoft.netapp/netappaccounts/capacitypools/volumes) to Event Hub, Enable logging by category group for Web PubSub Service (microsoft.signalrservice/webpubsub) to Event Hub
Azure Event Hubs Data Owner f526a384-b230-433a-b45c-95f59c4a2dec 33 Enable logging by category group for API Management services (microsoft.apimanagement/service) to Event Hub, Enable logging by category group for App Configuration (microsoft.appconfiguration/configurationstores) to Event Hub, Enable logging by category group for Attestation providers (microsoft.attestation/attestationproviders) to Event Hub, Enable logging by category group for Automation Accounts (microsoft.automation/automationaccounts) to Event Hub, Enable logging by category group for AVS Private clouds (microsoft.avs/privateclouds) to Event Hub, Enable logging by category group for Azure Cache for Redis (microsoft.cache/redis) to Event Hub, Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Event Hub, Enable logging by category group for Azure Machine Learning (microsoft.machinelearningservices/workspaces) to Event Hub, Enable logging by category group for Bastions (microsoft.network/bastionhosts) to Event Hub, Enable logging by category group for Cognitive Services (microsoft.cognitiveservices/accounts) to Event Hub, Enable logging by category group for Container registries (microsoft.containerregistry/registries) to Event Hub, Enable logging by category group for Event Grid Domains (microsoft.eventgrid/domains) to Event Hub, Enable logging by category group for Event Grid Partner Namespaces (microsoft.eventgrid/partnernamespaces) to Event Hub, Enable logging by category group for Event Grid Topics (microsoft.eventgrid/topics) to Event Hub, Enable logging by category group for Event Hubs Namespaces (microsoft.eventhub/namespaces) to Event Hub, Enable logging by category group for Front Door and CDN profiles (microsoft.cdn/profiles) to Event Hub, Enable logging by category group for Front Door and CDN profiles (microsoft.network/frontdoors) to Event Hub, Enable logging by category group for IoT Hub (microsoft.devices/iothubs) to Event Hub, Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Event Hub, Enable logging by category group for Log Analytics workspaces (microsoft.operationalinsights/workspaces) to Event Hub, Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Event Hub, Enable logging by category group for Media Services (microsoft.media/mediaservices) to Event Hub, Enable logging by category group for Microsoft Purview accounts (microsoft.purview/accounts) to Event Hub, Enable logging by category group for microsoft.network/p2svpngateways to Event Hub, Enable logging by category group for Public IP addresses (microsoft.network/publicipaddresses) to Event Hub, Enable logging by category group for Service Bus Namespaces (microsoft.servicebus/namespaces) to Event Hub, Enable logging by category group for SignalR (microsoft.signalrservice/signalr) to Event Hub, Enable logging by category group for SQL databases (microsoft.sql/servers/databases) to Event Hub, Enable logging by category group for SQL managed instances (microsoft.sql/managedinstances) to Event Hub, Enable logging by category group for Video Analyzers (microsoft.media/videoanalyzers) to Event Hub, Enable logging by category group for Virtual network gateways (microsoft.network/virtualnetworkgateways) to Event Hub, Enable logging by category group for Volumes (microsoft.netapp/netappaccounts/capacitypools/volumes) to Event Hub, Enable logging by category group for Web PubSub Service (microsoft.signalrservice/webpubsub) to Event Hub
History
Date/Time (UTC ymd) (i) Changes
2023-02-16 18:41:09 add Initiative 1020d527-2764-4230-92cc-7035e4fcf8a7
JSON compare n/a
JSON
api-version=2021-06-01