Audit enabling of diagnostic logs in Batch accounts

Audit whether logs are enabled and retained for up to a year. This lets you recreate activity trails for investigation when a security incident occurs or your network is compromised.

Try on Portal

Deploy to Azure

Try with PowerShell

$definition = New-AzPolicyDefinition -Name "audit-enabling-diagnostic-logs-batch-accounts" -DisplayName "Audit enabling of diagnostic logs in Batch accounts" -description "Audit enabling of logs and retain them up to a year. This enables you to recreate activity trails for investigation purposes when a security incident occurs or your network is compromised" -Policy 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Monitoring/audit-enabling-diagnostic-logs-batch-accounts/azurepolicy.rules.json' -Parameter 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Monitoring/audit-enabling-diagnostic-logs-batch-accounts/azurepolicy.parameters.json' -Mode Indexed
$definition
$assignment = New-AzPolicyAssignment -Name <assignmentname> -Scope <scope> -requiredRetentionDays <requiredRetentionDays> -PolicyDefinition $definition
$assignment 

Try with CLI


az policy definition create --name 'audit-enabling-diagnostic-logs-batch-accounts' --display-name 'Audit enabling of diagnostic logs in Batch accounts' --description 'Audit enabling of logs and retain them up to a year. This enables you to recreate activity trails for investigation purposes when a security incident occurs or your network is compromised' --rules 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Monitoring/audit-enabling-diagnostic-logs-batch-accounts/azurepolicy.rules.json' --params 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Monitoring/audit-enabling-diagnostic-logs-batch-accounts/azurepolicy.parameters.json' --mode Indexed

az policy assignment create --name <assignmentname> --scope <scope> --params "{'requiredRetentionDays':{'value': '<requiredRetentionDays>'}}" --policy "audit-enabling-diagnostic-logs-batch-accounts"
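
To sanity-check what the assignment should report, the following added example (not part of this sample or of azurepolicy.rules.json, which this page does not show) audits an export of diagnostic settings per Batch account against requiredRetentionDays. The input shape, the account names, the ServiceLog category and the pass/fail rule are assumptions that approximate the intent stated in the description.

```python
# Added example: offline audit of exported diagnostic settings for Batch accounts.
# SAMPLE is constructed data. Field names (logs, enabled, retentionPolicy, days)
# are assumed to follow the Microsoft.Insights/diagnosticSettings resource shape.

def _setting(enabled, retention_on, days):
    return {"logs": [{"category": "ServiceLog", "enabled": enabled,
                      "retentionPolicy": {"enabled": retention_on, "days": days}}]}

SAMPLE = {
    "batch-ok": [_setting(True, True, 365)],
    "batch-forever": [_setting(True, False, 0)],
    "batch-short": [_setting(True, True, 30)],
    "batch-disabled": [_setting(False, True, 365)],
    "batch-none": [],  # no diagnostic setting configured at all
}


def retention_ok(log, required_days):
    """True if one log category keeps data for at least required_days."""
    policy = log.get("retentionPolicy") or {}
    days = policy.get("days") or 0
    # Assumption: a disabled retention policy, or days == 0, means logs are
    # kept indefinitely, which satisfies any retention requirement.
    if not policy.get("enabled") or days == 0:
        return True
    return days >= int(required_days)


def setting_is_compliant(setting, required_days):
    """At least one log category is enabled and every enabled one is retained long enough."""
    enabled = [log for log in setting.get("logs") or [] if log.get("enabled")]
    return bool(enabled) and all(retention_ok(log, required_days) for log in enabled)


def audit(accounts, required_days):
    """Return the sorted names of accounts with no compliant diagnostic setting."""
    return sorted(
        name for name, settings in accounts.items()
        if not any(setting_is_compliant(s, required_days) for s in settings)
    )


if __name__ == "__main__":
    for name in audit(SAMPLE, 365):
        print("non-compliant:", name)
```

Accounts returned by audit are the ones to compare against the non-compliant resources the assignment reports for the same retention value.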