AzPolicyAdvertizer

last sync: 2025-May-30 17:23:33 UTC

Deploy Diagnostic Settings for Search Services to Log Analytics workspace

Azure BuiltIn Policy definition

Source

Azure Portal

Display name

Deploy Diagnostic Settings for Search Services to Log Analytics workspace

08ba64b8-738f-4918-9686-730d2ed79c7d

Version

1.0.0
Details on versioning

Versioning

Versions supported for Versioning: 1
1.0.0
Built-in Versioning [Preview]

Category

Monitoring
Microsoft Learn

Description

Deploys the diagnostic settings for Search Services to stream to a regional Log Analytics workspace when any Search Services which is missing this diagnostic settings is created or updated.

Cloud environments

AzureCloud = true
AzureUSGovernment = unknown
AzureChinaCloud = unknown

Available in AzUSGov

Unknown, no evidence if Policy definition is/not available in AzureUSGovernment

Mode

Indexed

Type

BuiltIn

Preview

False

Deprecated

False

Effect

Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled

RBAC role(s)

Role Name	Role Id
Monitoring Contributor	749f88d5-cbae-40b8-bcfc-e573ddc772fa
Log Analytics Contributor	92aaf0da-9dab-42b6-94a3-d43ce8d16293

Rule aliases

THEN-ExistenceCondition (2)

Alias	Namespace	ResourceType	Path	PathIsDefault	DefaultPath	Modifiable
Microsoft.Insights/diagnosticSettings/logs.enabled	microsoft.insights	diagnosticSettings	properties.logs[*].enabled	True		False
Microsoft.Insights/diagnosticSettings/metrics.enabled	microsoft.insights	diagnosticSettings	properties.metrics[*].enabled	True		False

Rule resource types

IF (1)

Microsoft.Search/searchServices

Compliance

The following 1 compliance controls are associated with this Policy definition 'Deploy Diagnostic Settings for Search Services to Log Analytics workspace' (08ba64b8-738f-4918-9686-730d2ed79c7d)

Loading extensions...Loading extensions...

Rows: 1-1 / 1
Columns:
Select all:
Control Domain
Control
Name
MetadataId
Category
Title
Owner
Requirements
Description
Info
Policy#
Close
Columns▼Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, **[empty]**, **[nonempty]**, **rgx:**
Learn more
TableFilter v0.7.3
https://www.tablefilter.com/
©2015-2025 Max Guglielmi
Close
?
Page of 1
Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#

RMiT_v1.0	10.66	RMiT_v1.0_10.66	RMiT 10.66	Security of Digital Services	Security of Digital Services - 10.66	Shared	n/a	A financial institution must implement robust technology security controls in providing digital services which assure the following: (a) confidentiality and integrity of customer and counterparty information and transactions; (b) reliability of services delivered via channels and devices with minimum disruption to services; (c) proper authentication of users or devices and authorisation of transactions; (d) sufficient audit trail and monitoring of anomalous transactions; (e) ability to identify and revert to the recovery point prior to incident or service disruption; and (f) strong physical control and logical control measures	link	30

Initiatives usage

Rows: 1-2 / 2
Records:
Use the filters above each column to filter and limit table data. Advanced searches can be performed by using the following operators:
<, <=, >, >=, =, *, !, {, }, ||,&&, **[empty]**, **[nonempty]**, **rgx:**
Learn more
TableFilter v0.7.3
https://www.tablefilter.com/
©2015-2025 Max Guglielmi
Close
?
Page of 1
Initiative DisplayName	Initiative Id	Initiative Category	State	Type	polSet in AzUSGov

[Deprecated]: Deploy Diagnostic Settings to Azure Services	Deploy-Diagnostics-LogAnalytics	Monitoring	Deprecated	ALZ
RMIT Malaysia	97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6	Regulatory Compliance	GA	BuiltIn	unknown

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2019-10-29 23:04:36	add	08ba64b8-738f-4918-9686-730d2ed79c7d

JSON compare

n/a

JSON

api-version=2021-06-01
EPAC

{7 itemsdisplayName: "Deploy Diagnostic Settings for Search Services to Log Analytics workspace",
policyType: "BuiltIn",
mode: "Indexed",
description: "Deploys the diagnostic settings for Search Services to stream to a regional Log Analytics workspace when any Search Services which is missing this diagnostic settings is created or updated.",
metadata: {2 itemsversion: "1.0.0",
category: "Monitoring"
},
parameters: {5 itemseffect: {4 itemstype: "String",
metadata: {2 itemsdisplayName: "Effect",
description: "Enable or disable the execution of the policy"
},
allowedValues: [2 items"DeployIfNotExists",
"Disabled"
],
defaultValue: "DeployIfNotExists"
},
profileName: {3 itemstype: "String",
metadata: {2 itemsdisplayName: "Profile name",
description: "The diagnostic settings profile name"
},
defaultValue: "setbypolicy_logAnalytics"
},
logAnalytics: {2 itemstype: "String",
metadata: {4 itemsdisplayName: "Log Analytics workspace",
description: "Select Log Analytics workspace from dropdown list. If this workspace is outside of the scope of the assignment you must manually grant 'Log Analytics Contributor' permissions (or similar) to the policy assignment's principal ID.",
strongType: "omsWorkspace",
assignPermissions: true
}
},
metricsEnabled: {4 itemstype: "String",
metadata: {2 itemsdisplayName: "Enable metrics",
description: "Whether to enable metrics stream to the Log Analytics workspace - True or False"
},
allowedValues: [2 items"True",
"False"
],
defaultValue: "False"
},
logsEnabled: {4 itemstype: "String",
metadata: {2 itemsdisplayName: "Enable logs",
description: "Whether to enable logs stream to the Log Analytics workspace - True or False"
},
allowedValues: [2 items"True",
"False"
],
defaultValue: "True"
}
},
policyRule: {2 itemsif: {2 itemsfield: "type",
equals: "Microsoft.Search/searchServices"
},
then: {2 itemseffect: "[parameters('effect')]",
details: {5 itemstype: "Microsoft.Insights/diagnosticSettings",
name: "[parameters('profileName')]",
existenceCondition: {1 itemallOf: [2 items{2 itemsfield: "Microsoft.Insights/diagnosticSettings/logs.enabled",
equals: "[parameters('logsEnabled')]"
},
{2 itemsfield: "Microsoft.Insights/diagnosticSettings/metrics.enabled",
equals: "[parameters('metricsEnabled')]"
}
]
},
roleDefinitionIds: [2 items"/providers/microsoft.authorization/roleDefinitions/749f88d5-cbae-40b8-bcfc-e573ddc772fa" Monitoring Contributor ,
"/providers/microsoft.authorization/roleDefinitions/92aaf0da-9dab-42b6-94a3-d43ce8d16293" Log Analytics Contributor 
],
deployment: {1 itemproperties: {3 itemsmode: "incremental",
template: {6 items$schema: "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
contentVersion: "1.0.0.0",
parameters: {6 itemsresourceName: {1 itemtype: "string"
},
location: {1 itemtype: "string"
},
logAnalytics: {1 itemtype: "string"
},
metricsEnabled: {1 itemtype: "string"
},
logsEnabled: {1 itemtype: "string"
},
profileName: {1 itemtype: "string"
}
},
variables: {},
resources: [1 item{6 itemstype: "Microsoft.Search/searchServices/providers/diagnosticSettings",
apiVersion: "2017-05-01-preview",
name: 🔍"[
    concat(
        parameters('resourceName'),
       '/',
        'Microsoft.Insights/',
         parameters('profileName')
    )
]",
location: "[parameters('location')]",
dependsOn: [],
properties: {3 itemsworkspaceId: "[parameters('logAnalytics')]",
metrics: [1 item{3 itemscategory: "AllMetrics",
enabled: "[parameters('metricsEnabled')]",
retentionPolicy: {2 itemsenabled: false,
days: 0
}
}
],
logs: [1 item{2 itemscategory: "OperationLogs",
enabled: "[parameters('logsEnabled')]"
}
]
}
}
],
outputs: {}
},
parameters: {6 itemslocation: {1 itemvalue: "[field('location')]"
},
resourceName: {1 itemvalue: "[field('name')]"
},
logAnalytics: {1 itemvalue: "[parameters('logAnalytics')]"
},
metricsEnabled: {1 itemvalue: "[parameters('metricsEnabled')]"
},
logsEnabled: {1 itemvalue: "[parameters('logsEnabled')]"
},
profileName: {1 itemvalue: "[parameters('profileName')]"
}
}
}
}
}
}
}
}

Deploy Diagnostic Settings for Search Services to Log Analytics workspace

Azure BuiltIn Policy definition

TableFilter v0.7.3

TableFilter v0.7.3