Monitor

Best practice rules for Monitor

Trend Micro Cloud One™ – Conformity monitors Monitor with the following rules:

• Activity Log All Activities

  Ensure that Azure Log Profile is configured to export all control & management activities.

• Activity Log All Regions

  Ensure that Azure Log Profile is configured to capture activity logs for all regions.

• Activity Log Retention

  Ensure that Azure activity log retention period is set for 365 days or greater.

• Azure Activity Log Profile in Use

  Ensure that a Log Profile exists for each subscription available in your Azure account.

• Check for Publicly Accessible Activity Log Storage Container

  Ensure that the Azure storage container storing the activity logs is not publicly accessible.

• Configure Diagnostic Setting Categories

  Ensure that the diagnostic settings are configured to capture the appropriate categories.

• Enable Diagnostic Logs for the Supported Resources

  Ensure that Diagnostic Logs are enabled for the supported Azure cloud resources.

• Enable Exporting Activity Logs for Azure Cloud Resources

  Ensure that exporting activity logs is enabled for each cloud resource within a subscription.

• Use BYOK for Activity Log Storage Container Encryption

  Use Bring Your Own Key (BYOK) for Azure activity log storage container encryption.