Network Security Group Flow Log retention period should be 'greater than 90 days'

azure.networkwatcher
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

To ensure sufficient data retention, it is recommended to set the retention period for your Network Security Group Flow Logs to a minimum of 90 days. By default, the flow logs for Network Security Groups are disabled, so it is essential to enable them to capture information about IP traffic. The logs provide valuable insights into any anomalies or potential breaches, helping you in monitoring and securing your network. However, it is important to consider that increasing the data retention period may lead to higher monthly storage costs based on your data usage.

Remediation

From the console

  1. Go to Network Watcher and select NSG flow logs blade in the Logs section.
  2. Select each Network Security Group from the list.
  3. Ensure Status is set to On.
  4. Ensure Retention (days) setting is greater than 90 days.
  5. Select your storage account in the Storage account field.
PREVIEWING: brett.blue/embedded-collector-release