Ensure that logging for Azure AppService 'HTTP logs' is enabled
Why This Matters
When HTTP logs are disabled for Azure App Services, your organization loses visibility into web requests made to your applications. This blind spot hinders security analysts from detecting unauthorized access attempts, tracking malicious activity, or performing thorough incident response. Enabling AppServiceHTTPLogs ensures all HTTP requests are captured and can be forwarded to a SIEM or central logging platform for analysis.
What Aether365 Checks
Aether365 verifies that the AppServiceHTTPLogs diagnostic log category is enabled for each Azure App Service in your subscription. This check appears in the Aether365 dashboard under the azure-diagnostic-settings compliance group.