UNKNOWN
Source
CloudSploit
ID
key-vault-log-analytics-enabled

Key Vault Log Analytics Enabled

Ensures Key Vault Log Analytics logs are being properly delivered to Azure Monitor

Enabling Send to Log Analytics ensures that all Key Vault logs are being properly monitored and managed.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Microsoft Azure Management Console.

  2. Select the “Search resources, services, and docs” option at the top and search for “Monitor”. Step

  3. On the “Monitor - Overview” page scroll down the left navigation panel and click on “Diagnostic settings” under Settings.Step

  4. On the “Monitor - Diagnostic settings” page select the resource you want to verify for “Key Vault Log Analytics'.”Step

  5. Check the “Diagnostics Status” of the chosen resource and if it’s set to “Disabled” then the “Key Vault Log Analytics” logs are not being properly delivered to Azure Monitor.Step

  6. To enable “Key Vault Log Anaytics” on the selected resource click on the resource name to reach its configuration settings page Step

  7. Under the “Diagnostic Settings” click on the “Add diagnostic setting” option.Step

  8. On the next page, enter the “Diagnostic setting name”. Under “Logs” check the “allLogs” checkbox. Under “Destination details” click the checkbox for “Send to Log Analytics workspace”, select an existing “Subscription” & “Log Analytics workspace”, or create a workspace.Step

  9. Click on the “Save” button at the top to make the changes.Step

  10. “Key Vault Log Anaytics” is now enabled for the selected resource.Step

  11. Repeat steps number 6 - 9 to send all diagnostic logs for Key Vault from the Azure Monitor service to Log Analytics.