More Info:

The diagnostic setting should be configured to log the appropriate activities from the control/management plane.

Risk Level

Medium

Address

Security

Compliance Standards

CISAZURE, CBP

Triage and Remediation

Remediation

To remediate the misconfiguration “Ensure Diagnostic Setting Captures Appropriate Categories” in Azure using the Azure console, follow the below steps:

Step 1: Login to the Azure portal using your credentials.

Step 2: In the Azure portal, navigate to the resource group that you want to remediate.

Step 3: Select the resource that you want to remediate.

Step 4: Click on “Diagnostic settings” under the Monitoring section in the left-hand menu.

Step 5: In the “Diagnostic settings” page, click on “Add diagnostic setting”.

Step 6: Provide a name for the diagnostic setting.

Step 7: Under the “Logs” section, select the appropriate categories that you want to capture.

Step 8: Under the “Metrics” section, select the appropriate metrics that you want to capture.

Step 9: Under the “Destination details” section, select the appropriate destination where you want to send the diagnostic data.

Step 10: Click on “Save” to save the diagnostic setting.

By following the above steps, you can remediate the misconfiguration “Ensure Diagnostic Setting Captures Appropriate Categories” in Azure using the Azure console.

Additional Reading: