Benchmark: 5.2 Monitoring using Activity Log Alerts
Overview
This section covers security recommendations to follow in order to set alerting and monitoring for critical activities on an Azure subscription.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 5.2 Monitoring using Activity Log Alerts.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.cis_v140_5_2Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.cis_v140_5_2 --shareControls
- 5.2.1 Ensure that Activity Log Alert exists for Create Policy Assignment
- 5.2.2 Ensure that Activity Log Alert exists for Delete Policy Assignment
- 5.2.3 Ensure that Activity Log Alert exists for Create or Update Network Security Group
- 5.2.4 Ensure that Activity Log Alert exists for Delete Network Security Group
- 5.2.5 Ensure that Activity Log Alert exists for Create or Update Network Security Group Rule
- 5.2.6 Ensure that Activity Log Alert exists for Delete Network Security Group Rule
- 5.2.7 Ensure that Activity Log Alert exists for Create or Update Security Solution
- 5.2.8 Ensure that Activity Log Alert exists for Delete Security Solution
- 5.2.9 Ensure that Activity Log Alert exists for Create or Update or Delete SQL Server Firewall Rule