clouditor icon indicating copy to clipboard operation
clouditor copied to clipboard

Published 20 hours ago verified publisher icon clouditor

Azure Discovery: BootLogging.retentionPeriod is always set to "0"

Open lebogg opened this issue 2 years ago • 1 comments

Describe the bug When running Clouditor and looking at the evidences, all VM instances have bootLogging.retentionPeriod set to "0"

To Reproduce

  • Run clouditor
  • list evidences

Expected behavior We define retentionPeriod in time. Since Azure defines is in Size (saving logs until 1 GB), I would suggest to map size into time with some heuristic or we should add the option retentionSIZE and adjust the metrics accordingly?

Additional context See https://docs.microsoft.com/en-us/azure/virtual-machines/boot-diagnostics#limitations

lebogg avatar Apr 13 '22 12:04 lebogg

Maybe you should leave the value at 0, because you can't tell when the data will be deleted. But we would have to consider what the value 0 means (will be deleted immediately vs. will not be deleted) or if we need another value.

anatheka avatar Apr 14 '22 12:04 anatheka