Aqua CSPM

VM Agent Enabled

Quick Info

Plugin TitleVM Agent Enabled
CloudAZURE
CategoryVirtual Machines
DescriptionEnsures that the VM Agent is enabled for virtual machines
More InfoThe VM agent must be enabled on Azure virtual machines in order to enable Azure Security Center for data collection.
AZURE Linkhttps://docs.microsoft.com/en-us/azure/security-center/security-center-enable-vm-agent
Recommended ActionEnable the VM agent for all virtual machines.

Detailed Remediation Steps

  1. Log into the Microsoft Azure Management Console.
  2. Select the “Search resources, services, and docs” option at the top and search for Security Center.
  3. Click on the “Pricing & Settings” option and choose the “Subscription” and click on the “Name” option as a link to access the configurations.
  4. Click on the “Data Collection” option under Settings.
  5. Under the “Data Colelction” check whether the “Auto Provisioning” is “ON or OFF”. If “Auto Provisioning” is turned “Off” then the automatic installation of the Microsoft Monitoring Agent on all the VMs in your subscription is not enabled.
  6. Repeat steps number 2 - 5 to verify “VM Agent” in the other Azure accounts.
  7. Navigate to the “Security Center”, select the “Price & Settings” and click on the “Subscription Name”, select the “Data Collection” options under “Settings”.
  8. Turn “On” the “Auto Provisioning” feature and click on the “Save” button at the top to make the changes. Once enabled, any new or existing VM without an installed Microsoft Monitoring agent (MMA) extension, will have it provisioned.
  9. Repeat steps number 7 - 8 to enable the VM agent for all virtual machines.