azure-policy
EventHub_DeployDiagnosticLog_Deploy_LogAnalytics.json is behind
Currently the categories of the diagnostic policy for event hub are running behind on what is actually available:
Current policy implementation:
```json
{
    "category": "ArchiveLogs",
    "enabled": true,
    "retentionPolicy": {
        "enabled": false,
        "days": 0
    }
},
{
    "category": "OperationalLogs",
    "enabled": "[parameters('logsEnabled')]"
},
{
    "category": "AutoScaleLogs",
    "enabled": "[parameters('logsEnabled')]"
},
{
    "category": "KafkaCoordinatorLogs",
    "enabled": "[parameters('logsEnabled')]"
},
{
    "category": "KafkaUserErrorLogs",
    "enabled": "[parameters('logsEnabled')]"
},
{
    "category": "EventHubVNetConnectionEvent",
    "enabled": "[parameters('logsEnabled')]"
},
{
    "category": "CustomerManagedKeyUserLogs",
    "enabled": "[parameters('logsEnabled')]"
}
```
Currently available settings for event hub.

This discrepancy is causing the policy to be non-compliant and not cover all bases.
Same thing for the Event hub version of this policy.
Since there is already an allLogs category, my suggestion would be to use this one.
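
The coverage gap described in this issue can be checked mechanically. The following is an added example, not part of the original issue or the azure-policy repository: it compares a policy's `logs` array against the categories a resource offers and reports which ones are left without logging. The `AVAILABLE` list, the `ExampleNewCategory` placeholder, and the function names are assumptions made for illustration.

```python
import json

# Constructed sample: part of the "logs" array quoted in the issue.
POLICY_LOGS = json.loads("""[
  {"category": "ArchiveLogs", "enabled": true},
  {"category": "OperationalLogs", "enabled": "[parameters('logsEnabled')]"},
  {"category": "AutoScaleLogs", "enabled": "[parameters('logsEnabled')]"}
]""")

# The alternative the issue suggests: one entry using the allLogs category group.
ALL_LOGS = [{"categoryGroup": "allLogs", "enabled": True}]

# Constructed sample of what the resource offers today. "ExampleNewCategory" is a
# placeholder standing in for a category added after the policy was written.
AVAILABLE = ["ArchiveLogs", "OperationalLogs", "AutoScaleLogs", "ExampleNewCategory"]


def is_enabled(value, params):
    """Resolve a literal bool or a "[parameters('name')]" template expression."""
    if isinstance(value, bool):
        return value
    prefix, suffix = "[parameters('", "')]"
    if isinstance(value, str) and value.startswith(prefix) and value.endswith(suffix):
        name = value[len(prefix):-len(suffix)]
        # Policy parameters are often the strings "True"/"False", so compare text.
        return str(params.get(name, False)).lower() == "true"
    raise ValueError(f"unsupported enabled expression: {value!r}")


def uncovered(logs, available, params):
    """Return the available categories that the logs array does not enable."""
    enabled = set()
    for entry in logs:
        if not is_enabled(entry.get("enabled", False), params):
            continue
        if entry.get("categoryGroup") == "allLogs":
            return []  # the group covers every log category, present and future
        if "category" in entry:
            enabled.add(entry["category"])
    return [c for c in available if c not in enabled]


if __name__ == "__main__":
    print(uncovered(POLICY_LOGS, AVAILABLE, {"logsEnabled": "True"}))
    print(uncovered(ALL_LOGS, AVAILABLE, {}))
```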