| ๐ผ 5.1 Configuring Diagnostic Settings | 7 | | | |
| ย ย ย ย ๐ผ 5.1.1 Ensure that a Log Profile exists | | | | |
| ย ย ย ย ๐ผ 5.1.2 Ensure that Activity Log Retention is set 365 days or greater | | | | |
| ย ย ย ย ๐ผ 5.1.3 Ensure audit profile captures all the activities | | | | |
| ย ย ย ย ๐ผ 5.1.4 Ensure the log profile captures activity logs for all regions including global | | | | |
| ย ย ย ย ๐ผ 5.1.5 Ensure the storage container storing the activity logs is not publicly accessible | | | | |
| ย ย ย ย ๐ผ 5.1.6 Ensure the storage account containing the container with activity logs is encrypted with BYOK (Use Your Own Key) | | 1 | 1 | |
| ย ย ย ย ๐ผ 5.1.7 Ensure that logging for Azure KeyVault is 'Enabled' | | 1 | 1 | |
| ๐ผ 5.2 Monitoring using Activity Log Alerts | 9 | | | |
| ย ย ย ย ๐ผ 5.2.1 Ensure that Activity Log Alert exists for Create Policy Assignment | | 1 | 1 | |
| ย ย ย ย ๐ผ 5.2.2 Ensure that Activity Log Alert exists for Create or Update Network Security Group | | | | |
| ย ย ย ย ๐ผ 5.2.3 Ensure that Activity Log Alert exists for Delete Network Security Group | | 1 | 1 | |
| ย ย ย ย ๐ผ 5.2.4 Ensure that Activity Log Alert exists for Create or Update Network Security Group Rule | | | | |
| ย ย ย ย ๐ผ 5.2.5 Ensure that activity log alert exists for the Delete Network Security Group Rule | | | | |
| ย ย ย ย ๐ผ 5.2.6 Ensure that Activity Log Alert exists for Create or Update Security Solution | | | | |
| ย ย ย ย ๐ผ 5.2.7 Ensure that Activity Log Alert exists for Delete Security Solution | | 1 | 1 | |
| ย ย ย ย ๐ผ 5.2.8 Ensure that Activity Log Alert exists for Create or Update or Delete SQL Server Firewall Rule | | | | |
| ย ย ย ย ๐ผ 5.2.9 Ensure that Activity Log Alert exists for Update Security Policy | | | | |