Ensure that Azure Storage Table service logging is enabled for read, write, and delete requests. The Azure Storage Table service stores structured NoSQL data in the cloud, providing a key/attribute store with a schema-less design. Storage logging is performed server-side and allows details for both successful and failed requests to be recorded in the associated storage account. These logs allow you to see the details of read, write, and delete operations against the tables. The storage logging contains the following information about individual requests: time-based information such as start time, end-to-end latency, server latency, authentication details, concurrency information, and the sizes of the request and response messages.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
By default, Azure Storage Table service logging is disabled for read, write, and delete operations. After this type of logging is enabled, Microsoft Azure will provide detailed information about successful and failed requests made to the Azure Storage Table service. This information can be used to monitor individual requests and to diagnose issues with your table data.
To determine if Azure Storage Table service logging is enabled, perform the following operations:
Remediation / Resolution
To enable logging for Azure Storage Table service (read, write, and delete requests), perform the following operations:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable Logging for Azure Storage Table Service
Risk level: Medium