
Diagnostic logs in Event Hub should be enabled

Open BenjaminEngeset opened this issue 2 years ago • 0 comments

Rule request

Suggested rule change

Diagnostic logs in Event Hub should be enabled.

Enable logs and retain them for up to a year. This enables you to recreate activity trails for investigation purposes when a security incident occurs or your network is compromised.

This is actually an official Defender for Cloud recommendation.

Security pillar for this one.

Applies to the following

The rule applies to the following:

  • Resource type: [Microsoft.EventHub/namespaces]

Additional context

  • Diagnostic logs in Event Hub should be enabled
  • Template reference

BenjaminEngeset, Nov 15 '22 21:11
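An added example, not part of the original issue and not PSRule for Azure's own rule: a Python check over an ARM template that lists each `Microsoft.EventHub/namespaces` resource lacking a diagnostic setting with at least one enabled log entry. It assumes literal namespace names, a literal `scope` on each `Microsoft.Insights/diagnosticSettings` extension resource, and a constructed sample template; the function and helper names are hypothetical.

```python
import re

NAMESPACE_TYPE = "microsoft.eventhub/namespaces"
DIAG_TYPE = "microsoft.insights/diagnosticsettings"
# Pulls the namespace name out of a literal scope, in either the
# "Microsoft.EventHub/namespaces/<name>" or "[resourceId('...', '<name>')]" form.
SCOPE_NAME = re.compile(r"eventhub/namespaces(?:/|',\s*')([^'/\])]+)", re.I)

def namespaces_without_logs(template):
    """Return sorted names of Event Hub namespaces with no enabled log entry."""
    resources = template.get("resources", [])
    covered = set()
    for res in resources:
        if res.get("type", "").lower() != DIAG_TYPE:
            continue
        logs = res.get("properties", {}).get("logs", [])
        # A setting only counts if at least one log entry is switched on;
        # metrics-only or all-disabled settings leave no activity trail.
        if not any(entry.get("enabled") is True for entry in logs):
            continue
        match = SCOPE_NAME.search(res.get("scope", ""))
        if match:
            covered.add(match.group(1).lower())
    names = [r.get("name", "") for r in resources
             if r.get("type", "").lower() == NAMESPACE_TYPE]
    return sorted(n for n in names if n.lower() not in covered)

def diag(name, scope, enabled):
    """Build a constructed diagnostic setting (assumed shape, placeholder workspace)."""
    return {"type": "Microsoft.Insights/diagnosticSettings", "name": name, "scope": scope,
            "properties": {"workspaceId": "<workspace-resource-id>",
                           "logs": [{"categoryGroup": "allLogs", "enabled": enabled}]}}

# Constructed sample template (not from the issue): one namespace with logs on,
# one whose only log entry is disabled, one with no diagnostic setting at all.
SAMPLE_TEMPLATE = {"resources": [
    {"type": "Microsoft.EventHub/namespaces", "name": "ns-audited"},
    {"type": "Microsoft.EventHub/namespaces", "name": "ns-silent"},
    {"type": "Microsoft.EventHub/namespaces", "name": "ns-bare"},
    diag("to-workspace", "[resourceId('Microsoft.EventHub/namespaces', 'ns-audited')]", True),
    diag("disabled", "Microsoft.EventHub/namespaces/ns-silent", False),
]}

if __name__ == "__main__":
    print(namespaces_without_logs(SAMPLE_TEMPLATE))
```

Scopes built from template expressions such as `parameters()` or `format()` are not resolved here, so namespaces covered that way would be reported as missing logs.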