π§ Azure Diagnostic Setting captures Administrative, Alert, Policy, and Security categories - prod.logic.yamlπ’
- Contextual name: π§ prod.logic.yamlπ’
- ID:
/ce/ca/azure/monitor/diagnostic-setting-categories/prod.logic.yaml - Tags:
- π’ Logic test success
- π’ Logic with extracts
- π’ Logic with test data
Usesβ
- π Azure Diagnostic Setting
- π Azure Diagnostic Setting - object.extracts.yaml
- π§ͺ test-data.json
Test Results π’β
Generated at: 2026-02-10T22:33:31.537911131Z Open
| Result | Id | Condition Index | Condition Text | Runtime Error |
|---|---|---|---|---|
| π’ | test1 | βοΈ 99 | βοΈ isDisappeared(CA10__disappearanceTime__c) | βοΈ null |
| π’ | test2 | βοΈ 199 | βοΈ RecordType.DeveloperName != 'caDiagnosticSettingOnAzureSubscription' | βοΈ null |
| π’ | test3 | βοΈ 299 | βοΈ not(extract('caJsonFrom__logsJson__c').jsonQueryText('[? category == Administrative].enabled | [0]') && extract('caJsonFrom__logsJson__c').jsonQueryText('[? category == Alert].enabled | [0]') && extract('caJsonFrom__logsJson__c').jsonQueryText('[? category == Policy].enabled | [0]') && extract('caJsonFrom__logsJson__c').jsonQueryText('[? category == Security].enabled | [0]')) | βοΈ null |
| π’ | test4 | βοΈ 300 | βοΈ otherwise | βοΈ null |
| π’ | test5 | βοΈ 299 | βοΈ not(extract('caJsonFrom__logsJson__c').jsonQueryText('[? category == Administrative].enabled | [0]') && extract('caJsonFrom__logsJson__c').jsonQueryText('[? category == Alert].enabled | [0]') && extract('caJsonFrom__logsJson__c').jsonQueryText('[? category == Policy].enabled | [0]') && extract('caJsonFrom__logsJson__c').jsonQueryText('[? category == Security].enabled | [0]')) | βοΈ null |
Generation Bundleβ
| File | MD5 | |
|---|---|---|
| Open | /ce/ca/azure/monitor/diagnostic-setting-categories/policy.yaml | 6717D14002CB25FB546A0C4007911D02 |
| Open | /ce/ca/azure/monitor/diagnostic-setting-categories/prod.logic.yaml | 6BC88D251A51C85B2990D5B8B7C098D4 |
| Open | /ce/ca/azure/monitor/diagnostic-setting-categories/test-data.json | 7C5C255C035DF0312BE934B2B2729D36 |
| Open | /types/CA10__CaAzureDiagnosticSetting__c/object.extracts.yaml | 4AADFEBE59E43127A2529B2F0DB31297 |
Available Commandsβ
repo-manager policies generate FULL /ce/ca/azure/monitor/diagnostic-setting-categories/prod.logic.yaml
repo-manager policies generate DEBUG /ce/ca/azure/monitor/diagnostic-setting-categories/prod.logic.yaml
repo-manager policies generate CAPTURE_TEST_DATA /ce/ca/azure/monitor/diagnostic-setting-categories/prod.logic.yaml
repo-manager policies generate TESTS /ce/ca/azure/monitor/diagnostic-setting-categories/prod.logic.yaml
# Execute tests
repo-manager policies test /ce/ca/azure/monitor/diagnostic-setting-categories/prod.logic.yaml
Contentβ
inputType: "CA10__CaAzureDiagnosticSetting__c"
importExtracts:
- file: "/types/CA10__CaAzureDiagnosticSetting__c/object.extracts.yaml"
testData:
- file: "test-data.json"
conditions:
- status: "INAPPLICABLE"
currentStateMessage: "This is not a subscription diagnostic setting."
check:
NOT_EQUAL:
left:
FIELD:
path: "RecordType.DeveloperName"
right:
TEXT: "caDiagnosticSettingOnAzureSubscription"
- status: "INCOMPLIANT"
currentStateMessage: "The diagnostic setting does not capture the appropriate activities from the management plane."
remediationMessage: "Capture the Administrative, Alert, Policy, and Security log categories in the diagnostic setting."
check:
NOT:
arg:
AND:
args:
- JSON_QUERY_BOOLEAN:
arg:
EXTRACT: "caJsonFrom__logsJson__c"
expression: "[? category == `Administrative`].enabled | [0]"
undeterminedIf:
evaluationError: "The JSON query has failed."
resultTypeMismatch: "The JSON query did not return boolean type."
- JSON_QUERY_BOOLEAN:
arg:
EXTRACT: "caJsonFrom__logsJson__c"
expression: "[? category == `Alert`].enabled | [0]"
undeterminedIf:
evaluationError: "The JSON query has failed."
resultTypeMismatch: "The JSON query did not return boolean type."
- JSON_QUERY_BOOLEAN:
arg:
EXTRACT: "caJsonFrom__logsJson__c"
expression: "[? category == `Policy`].enabled | [0]"
undeterminedIf:
evaluationError: "The JSON query has failed."
resultTypeMismatch: "The JSON query did not return boolean type."
- JSON_QUERY_BOOLEAN:
arg:
EXTRACT: "caJsonFrom__logsJson__c"
expression: "[? category == `Security`].enabled | [0]"
undeterminedIf:
evaluationError: "The JSON query has failed."
resultTypeMismatch: "The JSON query did not return boolean type."
otherwise:
status: "COMPLIANT"
currentStateMessage: "The diagnostic setting captures the appropriate activities from the management plane."