Ensure that automatic provisioning of the monitoring agent is enabled in your Microsoft Azure account to collect security data and events from your cloud compute resources in order to help you prevent, detect, and respond efficiently to security vulnerabilities and threats.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
When the automatic provisioning of the monitoring agent is turned on, the Azure Security Center installs the Microsoft Monitoring Agent (MMA) on all the existing supported Azure virtual machines (VMs), plus on any new ones created later. Once the MMA is installed, Azure Security Center reads various security-related configurations and event logs from your virtual machines and sends the data collected (including crash dump files) to your workspace for analysis. The data sent for analysis is required to provide visibility into missing updates, misconfigured operating system (OS) security settings, endpoint protection settings, and health and threat detections.
To determine if the automatic provisioning of the monitoring agent is enabled in your Azure account, perform the following actions:
Remediation / Resolution
Once active, the "Automatic provisioning of monitoring agent" feature enables the automatic installation of the Microsoft Monitoring Agent (MMA) on all the virtual machines within your Azure subscription. If enabled, any new or existing virtual machines without an installed Microsoft Monitoring agent extension, will have it provisioned. To enable the feature, perform the following actions:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable Automatic Provisioning of the Monitoring Agent
Risk level: Medium