AzPolicyAdvertizer

last sync: 2025-Jun-26 17:24:03 UTC

Deploy - Configure diagnostic settings for SQL Databases to Log Analytics workspace

Azure BuiltIn Policy definition

Source Azure Portal
Display name Deploy - Configure diagnostic settings for SQL Databases to Log Analytics workspace
Id b79fa14e-238a-4c2d-b376-442ce508fc84
Version 4.0.0
Details on versioning
Versioning Versions supported for Versioning: 1
4.0.0
Built-in Versioning [Preview]
Category SQL
Microsoft Learn
Description Deploys the diagnostic settings for SQL Databases to stream resource logs to a Log Analytics workspace when any SQL Database which is missing this diagnostic settings is created or updated.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '4.*.*'
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Monitoring Contributor 749f88d5-cbae-40b8-bcfc-e573ddc772fa
Log Analytics Contributor 92aaf0da-9dab-42b6-94a3-d43ce8d16293
Rule aliases THEN-ExistenceCondition (7)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.Insights/diagnosticSettings/logs[*] microsoft.insights diagnosticSettings properties.logs[*] True False
Microsoft.Insights/diagnosticSettings/logs[*].category microsoft.insights diagnosticSettings properties.logs[*].category True False
Microsoft.Insights/diagnosticSettings/logs[*].enabled microsoft.insights diagnosticSettings properties.logs[*].enabled True False
Microsoft.Insights/diagnosticSettings/metrics[*] microsoft.insights diagnosticSettings properties.metrics[*] True False
Microsoft.Insights/diagnosticSettings/metrics[*].category microsoft.insights diagnosticSettings properties.metrics[*].category True False
Microsoft.Insights/diagnosticSettings/metrics[*].enabled microsoft.insights diagnosticSettings properties.metrics[*].enabled True False
Microsoft.Insights/diagnosticSettings/workspaceId microsoft.insights diagnosticSettings properties.workspaceId True False
Rule resource types IF (1)
Compliance
The following 10 compliance controls are associated with this Policy definition 'Deploy - Configure diagnostic settings for SQL Databases to Log Analytics workspace' (b79fa14e-238a-4c2d-b376-442ce508fc84)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
DORA_2022_2554 10.1 DORA_2022_2554_10.1 DORA 2022 2554 10.1 10 Implement Mechanisms to Detect Anomalous Activities in ICT Systems Shared n/a Establish mechanisms to detect anomalous activities within information and communication technology (ICT) systems, including network performance issues and ICT-related incidents. Additionally, identify potential material single points of failure to enhance overall system resilience and response capabilities. 54
DORA_2022_2554 10.2 DORA_2022_2554_10.2 DORA 2022 2554 10.2 10 Establish Multi-Layered Detection Mechanisms for ICT Incidents Shared n/a Implement detection mechanisms that provide multiple layers of control, defining alert thresholds and criteria to trigger information and communication technology (ICT) related incident response processes. This includes automated alert mechanisms to notify resources managing ICT-related incidents. 57
K_ISMS_P_2018 2.10.1 K_ISMS_P_2018_2.10.1 K ISMS P 2018 2.10.1 2.10 Establish Procedures for Managing the Security of System Operations Shared n/a Establish and implement operating procedures for managing the security of system operations such as designating system administrators, updating policies, changing rulesets, monitoring events, managing policy implementations or exceptions. 455
K_ISMS_P_2018 2.10.2 K_ISMS_P_2018_2.10.2 K ISMS P 2018 2.10.2 2.10 Establish Protective Measures for Administrator Privileges and Security Configurations Shared n/a Establish and implement protective measures with regard to administrator privileges and security configurations to ensure that important information and personal information are not exposed as a result of unauthorized access by service type or misconfigurations. 431
K_ISMS_P_2018 2.11.1 K_ISMS_P_2018_2.11.1 K ISMS P 2018 2.11.1 2.11 Establish Procedures for Managing Internal and External Intrusion Attempts Shared n/a Establish procedures for detecting, analyzing, sharing, and effectively responding to internal and external intrusion attempts to prevent personal information leakage. Additionally, implement a framework for collaboration with relevant external agencies and experts. 82
K_ISMS_P_2018 2.11.3 K_ISMS_P_2018_2.11.3 K ISMS P 2018 2.11.3 2.11 Collect, Monitor, and Analyze Data and Network Traffic Shared n/a Collect, monitor, and analyze data and network traffic to respond to internal or external infringement attempts in a timely manner. 45
K_ISMS_P_2018 2.11.5 K_ISMS_P_2018_2.11.5 K ISMS P 2018 2.11.5 2.11 Establish Procedures to Respond and Recover from Incidents Shared n/a Establish procedures to respond and recover from incidents in a timely manner, including legal obligations for disclosing information. Additional procedures must be established and implemented to prevent recurrence. 82
K_ISMS_P_2018 2.9.2a K_ISMS_P_2018_2.9.2a K ISMS P 2018 2.9.2a 2.9.2a Establish Procedures for Information System Failures Shared n/a Establish procedures to detect, record, analyze, report, and respond to information system failures. 63
K_ISMS_P_2018 2.9.4 K_ISMS_P_2018_2.9.4 K ISMS P 2018 2.9.4 2.9 Maintain Logs and Establish Log Management Procedures Shared n/a Maintain log records for servers, applications, security systems, and networks. Define log types, access permissions, retention periods, and storage methods to ensure secure retention and prevent forgery, alteration, theft, and loss. 61
RMiT_v1.0 10.66 RMiT_v1.0_10.66 RMiT 10.66 Security of Digital Services Security of Digital Services - 10.66 Shared n/a A financial institution must implement robust technology security controls in providing digital services which assure the following: (a) confidentiality and integrity of customer and counterparty information and transactions; (b) reliability of services delivered via channels and devices with minimum disruption to services; (c) proper authentication of users or devices and authorisation of transactions; (d) sufficient audit trail and monitoring of anomalous transactions; (e) ability to identify and revert to the recovery point prior to incident or service disruption; and (f) strong physical control and logical control measures link 29
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
[Deprecated]: Deploy Diagnostic Settings to Azure Services Deploy-Diagnostics-LogAnalytics Monitoring Deprecated ALZ
[Preview]: Control the use of diagnostic settings for specific resources in a Virtual Enclave 0a9ea1cb-7925-47fc-b0fe-8bb0a8190423 VirtualEnclaves Preview BuiltIn true
DORA 2022 2554 f9c0485f-da8e-43b5-961e-58ebd54b907c Regulatory Compliance GA BuiltIn unknown
K ISMS P 2018 e0782c37-30da-4a78-9f92-50bfe7aa2553 Regulatory Compliance GA BuiltIn unknown
RMIT Malaysia 97a6d4f1-3bed-4cf4-ac5b-0e444c0408d6 Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2022-03-11 18:16:48 change Major (3.0.0 > 4.0.0)
2022-02-04 18:25:37 change Major (2.0.0 > 3.0.0)
2021-10-22 15:42:38 change Major (1.0.1 > 2.0.0)
2021-02-10 14:43:58 change Patch (1.0.0 > 1.0.1)
2021-02-03 15:09:01 add b79fa14e-238a-4c2d-b376-442ce508fc84
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC