Plugin Title | Key Vault Log Analytics Enabled |
Cloud | AZURE |
Category | Monitor |
Description | Ensures Key Vault Log Analytics logs are being properly delivered to Azure Monitor |
More Info | Enabling Send to Log Analytics ensures that all Key Vault logs are being properly monitored and managed. |
AZURE Link | https://docs.microsoft.com/en-us/azure/azure-monitor/platform/collect-activity-logs |
Recommended Action | Send all diagnostic logs for Key Vault from the Azure Monitor service to Log Analytics. |
- Log into the Microsoft Azure Management Console.
- Select the "Search resources, services, and docs" option at the top and search for Monitor.
- On the "Monitor - Overview" page scroll down the left navigation panel and click on "Diagnostics" under Settings.
- On the "Monitor - Diagnostics settings" page select the resource you want to verify for "Key Vault Log Analystics."
- Check the "Diagnostics Status" and if it's set to "Disabled" then the "Key Vault Log Analytics" logs are not being properly delivered to Azure Monitor.
- Repeat steps number 2 - 5 to verify other resources in the account.
- Navigate to "Monitor" and click on the "Diagnostics" under "Settings" and select the resource on which "Key Vault Log Anaytics" needs to be enabled.
- On the "Diagnostics Settings" page click on the "Add diagnostic setting" option.
- On the "Diagnostics Settings" page enter the Name, click the checkbox for "Send to Log Analytics", select an existing Log Analytics workspace, or create a workspace and to enable "Metric" click the checkbox under "Metric". Click on the "Save" button at the top to make the changes.
- Repeat steps number 7 - 9 to send all diagnostic logs for Key Vault from the Azure Monitor service to Log Analytics.