Best practice rules for Monitor
Trend Micro Cloud One™ – Conformity monitors Monitor with the following rules:
- Activity Log All Activities
Ensure that Azure Log Profile is configured to export all control & management activities.
- Activity Log All Regions
Ensure that Azure Log Profile is configured to capture activity logs for all regions.
- Activity Log Retention
Ensure that the Azure activity log retention period is set to 365 days or greater.
- Azure Activity Log Profile in Use
Ensure that a Log Profile exists for each subscription available in your Azure account.
- Check for Publicly Accessible Activity Log Storage Container
Ensure that the Azure storage container storing the activity logs is not publicly accessible.
- Configure Diagnostic Setting Categories
Ensure that the diagnostic settings are configured to capture the appropriate categories.
- Enable Diagnostic Logs for the Supported Resources
Ensure that Diagnostic Logs are enabled for the supported Azure cloud resources.
- Enable Exporting Activity Logs for Azure Cloud Resources
Ensure that exporting activity logs is enabled for each cloud resource within a subscription.
- Use BYOK for Activity Log Storage Container Encryption
Use Bring Your Own Key (BYOK) for Azure activity log storage container encryption.