Monitor log profile should have activity logs for global services and all regions

Description

Configure the log profile to export activities from all Azure supported regions/locations including global. This rule is evaluated against all resource locations that Fugue has permission to scan.

Console Remediation Steps

  • Note this rule applies to the legacy experience for Azure Activity log.

  • Navigate to Activity log.

  • Select Diagnostics setting.

  • Click Looking for the legacy experience? Click here to launch the ‘Export activity log’ blade.

  • From the Regions drop-down, check Select all.

  • Click Save.

CLI Remediation Steps

  • To enable activity logs for global services and all regions:

az monitor log-profiles update --name default