More Info:

Ensure that your Microsoft Azure Network Security Groups (NSGs) have a sufficient flow log retention period, i.e. greater than or equal to 90 days, configured for reliability and compliance purposes. The retention period is the number of days that flow log data recorded for your network security groups is kept. Azure Network Security Group (NSG) flow logs are a feature of the Network Watcher service that lets you view information about inbound and outbound IP traffic through an NSG.

Risk Level

Low

Address

Reliability, Operational Maturity, Security

Compliance Standards

CISAZURE, CBP

Triage and Remediation

Remediation

To configure a longer retention period for Security Group Flow Logs in Azure:

  1. Log in to the Azure portal (https://portal.azure.com/).
  2. Navigate to the “Security Center” from the left-hand menu.
  3. Click on the “Security policy” option from the “Security Center” menu.
  4. Click on the “Edit” button to edit the security policy.
  5. Scroll down to the “Network security group flow logs” section and click on the “Edit” button.
  6. In the “Retention period” field, enter the desired number of days for which you want to retain the logs.
  7. Click on the “Save” button to save the changes.

Once you have completed these steps, the Security Group Flow Logs retention period will be updated to the desired duration. Retain the logs for at least 90 days, the threshold this rule checks, for security and compliance purposes.
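
To verify the result across many NSGs, the retention rule can be checked offline against exported flow log settings. The script below is an added example, not part of the original guidance; the sample data is constructed, and the field names (targetResourceId, enabled, retentionPolicy.days, retentionPolicy.enabled) assume the JSON shape printed by `az network watcher flow-log list --location <region>`.

```python
MIN_RETENTION_DAYS = 90  # threshold stated by this rule
P = "/subscriptions/sub-demo/resourceGroups/rg-demo/providers/Microsoft.Network/networkSecurityGroups/"

# Constructed sample data. Field names assume the flattened JSON printed by
# `az network watcher flow-log list --location <region>`.
NSG_IDS = [P + "web-nsg", P + "db-nsg", P + "mgmt-nsg", P + "app-nsg"]
FLOW_LOGS = [
    {"targetResourceId": P.upper() + "WEB-NSG", "enabled": True,
     "retentionPolicy": {"days": 90, "enabled": True}},
    {"targetResourceId": P + "db-nsg", "enabled": True,
     "retentionPolicy": {"days": 30, "enabled": True}},
    {"targetResourceId": P + "mgmt-nsg", "enabled": False,
     "retentionPolicy": {"days": 365, "enabled": True}},
]


def audit(nsg_ids, flow_logs, min_days=MIN_RETENTION_DAYS):
    """Return {nsg_id: reason} for every NSG that fails the retention rule."""
    # Azure resource IDs are case-insensitive, so compare them lowercased.
    by_target = {fl.get("targetResourceId", "").lower(): fl for fl in flow_logs}
    findings = {}
    for nsg_id in nsg_ids:
        fl = by_target.get(nsg_id.lower())
        if fl is None:
            findings[nsg_id] = "no flow log configured"
            continue
        policy = fl.get("retentionPolicy") or {}
        days = policy.get("days", 0)
        if not fl.get("enabled"):
            findings[nsg_id] = "flow log disabled"
        elif not policy.get("enabled"):
            findings[nsg_id] = "retention policy disabled"
        elif days == 0:
            # Assumption: Azure treats 0 as "keep forever"; surfaced for
            # manual review instead of being passed or failed automatically.
            findings[nsg_id] = "retention 0 days: verify manually"
        elif days < min_days:
            findings[nsg_id] = f"retention {days} days < {min_days}"
    return findings


if __name__ == "__main__":
    for nsg, reason in audit(NSG_IDS, FLOW_LOGS).items():
        print(f"FAIL {nsg.rsplit('/', 1)[-1]}: {reason}")
```

NSGs with no flow log at all are reported too, since a retention setting only exists once a flow log has been created for the NSG.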