Ensure there is a Log Profile created for each Microsoft Azure account subscription for exporting activity logs. The Azure activity log captures all management activities performed on a subscription. By default, the Azure Portal retains activity logs only for 90 days. To make sure that all activity events recorded for your subscription are retained for a longer duration, you can create and configure a Log Profile to archive the activity log to an Azure storage account or stream it to an Event Hub. Each Microsoft Azure subscription can have only one Log Profile.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
A Log Profile controls how and where an Azure activity log is exported. A well configured Log Profile should allow your activity logs to be exported and stored for a longer period of time in order to be able to perform a better analysis of the activity recorded within your Azure subscription, useful later for security and compliance auditing.
To determine if there is a Log Profile created for each Microsoft Azure subscription, perform the following actions:
Remediation / Resolution
To create and configure a Log Profile for each subscription available within your Microsoft Azure account in order to archive your Azure activity logs to a storage account or stream them to an Event Hub, perform the following operations:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Azure Activity Log Profile in Use
Risk level: Medium