Vulnerabilities
Misconfiguration
Runtime Security
Compliance
Azure > CDN Profiles >

Endpoint Logging Enabled

Source
CloudSploit
ID
endpoint-logging-enabled
management console

Endpoint Logging Enabled

Ensures that endpoint requests are being logged for CDN endpoints

Endpoint Logging ensures that all requests to a CDN endpoint are logged.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log into the Microsoft Azure Management Console.

  2. Select the “Search resources, services, and docs” option at the top and search for CDN. Select “Front Door and CDN profiles”.Step

  3. On the “Front Door and CDN profiles” page, click on the “Name” link to access the configuration changes.Step

  4. In the left navigation panel, click on the “Diagnostic setting” under “Monitoring”.Step

  5. In the “Diagnostic setting” panel if you see “No diagnostic settings defined” then logging is not enabled for this CDN. This is against the Azure best practices. Now click on the “+ Add diagnostic setting” link to enable diagnostic logging.Step

  6. On the “Diagnostic setting” page that opens select “all logs” under “Logs”.Step

  7. Under “Metrics” select “AllMetrics. Step

  8. Under “Destination details” select “Send to Log Analytics workspace”.Step

  9. Click “Save” at the top of the page to save the changes and enable logging.Step

  10. Repeat steps 3 - 9 for all other CDN endpoints.

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use