Ensure Diagnostic Setting captures appropriate categories
Why This Matters
A diagnostic setting determines which Azure activity logs are exported for monitoring and analysis. If the setting does not include all critical categories, security incidents may go undetected, and compliance with logging requirements may be in jeopardy. Properly configured diagnostic categories enable timely alerting and investigation of control plane activities.
What Aether365 Checks
This check verifies that an existing diagnostic setting on the subscription includes the following categories: Administrative, Alert, Policy, and Security. It appears in the Aether365 dashboard under the azure-diagnostic-settings checks and will fail if any of these categories are missing.