AzInitiativeAdvertizer

last sync: 2023-Sep-29 17:58:50 UTC

Azure Policy Initiative (PolicySet)

Enable audit category group resource logging for supported resources to Log Analytics

Source Azure Portal
Display nameEnable audit category group resource logging for supported resources to Log Analytics
Idf5b29bc4-feca-4cc6-a58a-772dd5e290a5
Version1.0.0
details on versioning
CategoryMonitoring
Microsoft docs
DescriptionResource logs should be enabled to track activities and events that take place on your resources and give you visibility and insights into any changes that occur. This initiative deploys diagnostic setting using the audit category group to route logs to Log Analytics for all supported resources.
TypeBuiltIn
DeprecatedFalse
PreviewFalse
Policy count Total Policies: 33
Builtin Policies: 33
Static Policies: 0
Policy used
Policy DisplayName Policy Id Category Effect Roles# Roles State
Enable logging by category group for API Management services (microsoft.apimanagement/service) to Log Analytics 567c93f7-3661-494f-a30f-0a94d9bfebf8 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for App Configuration (microsoft.appconfiguration/configurationstores) to Log Analytics 4b05de63-3ad2-4f6d-b421-da21f1328f3b Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Attestation providers (microsoft.attestation/attestationproviders) to Log Analytics 856331d3-0169-4dd9-9b04-cbb2ad3d1cf2 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Automation Accounts (microsoft.automation/automationaccounts) to Log Analytics b797045a-b3cd-46e4-adc4-bbadb3381d78 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for AVS Private clouds (microsoft.avs/privateclouds) to Log Analytics 69ab8bfc-dc5b-443d-93a7-7531551dec66 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Azure Cache for Redis (microsoft.cache/redis) to Log Analytics aec4c33f-2f2a-4fd3-91cd-24a939513c60 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Log Analytics f969646f-b6b8-45a0-b736-bf9b4bb933dc Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Azure Machine Learning (microsoft.machinelearningservices/workspaces) to Log Analytics 90c90eda-bfe7-4c67-bf26-410420ed1047 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Bastions (microsoft.network/bastionhosts) to Log Analytics f8352124-56fa-4f94-9441-425109cdc14b Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Cognitive Services (microsoft.cognitiveservices/accounts) to Log Analytics 55d1f543-d1b0-4811-9663-d6d0dbc6326d Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Container registries (microsoft.containerregistry/registries) to Log Analytics 56288eb2-4350-461d-9ece-2bb242269dce Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Event Grid Domains (microsoft.eventgrid/domains) to Log Analytics b90ec596-faa6-4c61-9515-34085703e260 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Event Grid Partner Namespaces (microsoft.eventgrid/partnernamespaces) to Log Analytics 3496f6fd-57ba-485c-8a14-183c4493b781 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Event Grid Topics (microsoft.eventgrid/topics) to Log Analytics 46b2dd5d-3936-4347-8908-b298ea4466d3 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Event Hubs Namespaces (microsoft.eventhub/namespaces) to Log Analytics 441af8bf-7c88-4efc-bd24-b7be28d4acce Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Front Door and CDN profiles (microsoft.cdn/profiles) to Log Analytics 6201aeb7-2b5c-4671-8ab4-5d3ba4d77f3b Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Front Door and CDN profiles (microsoft.network/frontdoors) to Log Analytics e9c56c41-d453-4a80-af93-2331afeb3d82 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for IoT Hub (microsoft.devices/iothubs) to Log Analytics 614d9fbd-68cd-4832-96db-3362069661b2 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Log Analytics 6b359d8f-f88d-4052-aa7c-32015963ecc1 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Log Analytics workspaces (microsoft.operationalinsights/workspaces) to Log Analytics 818719e5-1338-4776-9a9d-3c31e4df5986 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Log Analytics b88bfd90-4da5-43eb-936f-ae1481924291 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Media Services (microsoft.media/mediaservices) to Log Analytics 69214fad-6742-49a9-8f71-ee9d269364ab Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Microsoft Purview accounts (microsoft.purview/accounts) to Log Analytics 4cabf9fc-4ed1-4990-bbaf-7248fb8751bc Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for microsoft.network/p2svpngateways to Log Analytics cac9e1c5-c3cb-47fa-8d4c-88b8559262d2 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Public IP addresses (microsoft.network/publicipaddresses) to Log Analytics 1513498c-3091-461a-b321-e9b433218d28 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Service Bus Namespaces (microsoft.servicebus/namespaces) to Log Analytics 0277b2d5-6e6f-4d97-9929-a5c4eab56fd7 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for SignalR (microsoft.signalrservice/signalr) to Log Analytics 93a604fe-0ec2-4a99-ab8c-7ef08f05555a Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for SQL databases (microsoft.sql/servers/databases) to Log Analytics 6567d3f3-42d0-4cfb-9606-9741ba60fa07 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for SQL managed instances (microsoft.sql/managedinstances) to Log Analytics 8fc4ca5f-6abc-4b30-9565-0bd91ac49420 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Video Analyzers (microsoft.media/videoanalyzers) to Log Analytics 34c7546c-d637-4b5d-96ab-93fb6ed07af8 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Virtual network gateways (microsoft.network/virtualnetworkgateways) to Log Analytics ed6ae75a-828f-4fea-88fd-dead1145f1dd Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Volumes (microsoft.netapp/netappaccounts/capacitypools/volumes) to Log Analytics c3b912c2-7f5b-47ac-bd52-8c85a7667961 Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Enable logging by category group for Web PubSub Service (microsoft.signalrservice/webpubsub) to Log Analytics 0da6faeb-d6c6-4f6e-9f49-06277493270b Monitoring Default
DeployIfNotExists
Allowed
DeployIfNotExists, AuditIfNotExists, Disabled		 1 Log Analytics Contributor GA
Roles used Total Roles usage: 33
Total Roles unique usage: 1
Role Role Id Policies count Policies
Log Analytics Contributor 92aaf0da-9dab-42b6-94a3-d43ce8d16293 33 Enable logging by category group for API Management services (microsoft.apimanagement/service) to Log Analytics, Enable logging by category group for App Configuration (microsoft.appconfiguration/configurationstores) to Log Analytics, Enable logging by category group for Attestation providers (microsoft.attestation/attestationproviders) to Log Analytics, Enable logging by category group for Automation Accounts (microsoft.automation/automationaccounts) to Log Analytics, Enable logging by category group for AVS Private clouds (microsoft.avs/privateclouds) to Log Analytics, Enable logging by category group for Azure Cache for Redis (microsoft.cache/redis) to Log Analytics, Enable logging by category group for Azure FarmBeats (microsoft.agfoodplatform/farmbeats) to Log Analytics, Enable logging by category group for Azure Machine Learning (microsoft.machinelearningservices/workspaces) to Log Analytics, Enable logging by category group for Bastions (microsoft.network/bastionhosts) to Log Analytics, Enable logging by category group for Cognitive Services (microsoft.cognitiveservices/accounts) to Log Analytics, Enable logging by category group for Container registries (microsoft.containerregistry/registries) to Log Analytics, Enable logging by category group for Event Grid Domains (microsoft.eventgrid/domains) to Log Analytics, Enable logging by category group for Event Grid Partner Namespaces (microsoft.eventgrid/partnernamespaces) to Log Analytics, Enable logging by category group for Event Grid Topics (microsoft.eventgrid/topics) to Log Analytics, Enable logging by category group for Event Hubs Namespaces (microsoft.eventhub/namespaces) to Log Analytics, Enable logging by category group for Front Door and CDN profiles (microsoft.cdn/profiles) to Log Analytics, Enable logging by category group for Front Door and CDN profiles (microsoft.network/frontdoors) to Log Analytics, Enable logging by category group for IoT Hub (microsoft.devices/iothubs) to Log Analytics, Enable logging by category group for Key vaults (microsoft.keyvault/vaults) to Log Analytics, Enable logging by category group for Log Analytics workspaces (microsoft.operationalinsights/workspaces) to Log Analytics, Enable logging by category group for Managed HSMs (microsoft.keyvault/managedhsms) to Log Analytics, Enable logging by category group for Media Services (microsoft.media/mediaservices) to Log Analytics, Enable logging by category group for Microsoft Purview accounts (microsoft.purview/accounts) to Log Analytics, Enable logging by category group for microsoft.network/p2svpngateways to Log Analytics, Enable logging by category group for Public IP addresses (microsoft.network/publicipaddresses) to Log Analytics, Enable logging by category group for Service Bus Namespaces (microsoft.servicebus/namespaces) to Log Analytics, Enable logging by category group for SignalR (microsoft.signalrservice/signalr) to Log Analytics, Enable logging by category group for SQL databases (microsoft.sql/servers/databases) to Log Analytics, Enable logging by category group for SQL managed instances (microsoft.sql/managedinstances) to Log Analytics, Enable logging by category group for Video Analyzers (microsoft.media/videoanalyzers) to Log Analytics, Enable logging by category group for Virtual network gateways (microsoft.network/virtualnetworkgateways) to Log Analytics, Enable logging by category group for Volumes (microsoft.netapp/netappaccounts/capacitypools/volumes) to Log Analytics, Enable logging by category group for Web PubSub Service (microsoft.signalrservice/webpubsub) to Log Analytics
History
Date/Time (UTC ymd) (i) Changes
2023-02-16 18:41:09 add Initiative f5b29bc4-feca-4cc6-a58a-772dd5e290a5
JSON compare n/a
JSON
api-version=2021-06-01