You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: includes/policy/reference/byrp/microsoft.insights.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,7 +2,7 @@
2
2
author: davidsmatlak
3
3
ms.service: azure-policy
4
4
ms.topic: include
5
-
ms.date: 08/30/2023
5
+
ms.date: 09/06/2023
6
6
ms.author: davidsmatlak
7
7
ms.custom: generated
8
8
---
@@ -22,11 +22,11 @@ ms.custom: generated
22
22
|[\[Preview\]: Configure Linux VMSS to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F1142b015-2bd7-41e0-8645-a531afe09a1e)|Deploy Association to link Linux virtual machine scale sets to the specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations and OS images are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/DCRA_Linux_VMSS_DINE.json)|
23
23
|[\[Preview\]: Configure machines to create the Microsoft Defender for Cloud user-defined pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fc15c5978-ab6e-4599-a1c3-90a7918f5371)|Configure machines to create the Microsoft Defender for Cloud user-defined pipeline using Azure Monitor Agent. Microsoft Defender for Cloud collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Creates a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. Target virtual machines must be in a supported location. |DeployIfNotExists, Disabled |[1.2.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/ASC_AMA_UserWorkspacePipeline_Deploy.json)|
24
24
|[\[Preview\]: Configure virtual machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F8b5ad9ab-3d44-4a6e-9ac3-75b04ea5fd28)|Configure virtual machines to create the default Microsoft Defender for Cloud pipeline using Azure Monitor Agent. Microsoft Defender for Cloud collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. Target virtual machines must be in a supported location. |DeployIfNotExists, Disabled |[5.2.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/ASC_AMA_DefaultPipeline_Deploy.json)|
25
-
|[\[Preview\]: Configure Windows Arc machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fda0fd392-9669-4ad4-b32c-ca46aaa6c21f)|Configure Windows Arc machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_DefaultPipeline_Arc.json)|
26
-
|[\[Preview\]: Configure Windows Arc machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F63d03cbd-47fd-4ee1-8a1c-9ddf07303de0)|Configure Windows Arc machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Create a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_UserWorkspacePipeline_Arc.json)|
25
+
|[\[Preview\]: Configure Windows Arc machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fda0fd392-9669-4ad4-b32c-ca46aaa6c21f)|Configure Windows Arc machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. |DeployIfNotExists, Disabled |[1.1.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_DefaultPipeline_Arc.json)|
26
+
|[\[Preview\]: Configure Windows Arc machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F63d03cbd-47fd-4ee1-8a1c-9ddf07303de0)|Configure Windows Arc machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Create a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. |DeployIfNotExists, Disabled |[1.1.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_UserWorkspacePipeline_Arc.json)|
27
27
|[\[Preview\]: Configure Windows Arc-enabled machines to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fef9fe2ce-a588-4edd-829c-6247069dcfdb)|Deploy Association to link Windows Arc-enabled machines to specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/DCRA_Windows_HybridVM_DINE.json)|
28
-
|[\[Preview\]: Configure Windows SQL machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F04754ef9-9ae3-4477-bf17-86ef50026304)|Configure Windows SQL machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Create a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_UserWorkspacePipeline_VM.json)|
29
-
|[\[Preview\]: Configure Windows SQL virtual machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fc859b78a-a128-4376-a838-e97ce6625d16)|Configure Windows SQL virtual machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_DefaultPipeline_VM.json)|
28
+
|[\[Preview\]: Configure Windows SQL machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F04754ef9-9ae3-4477-bf17-86ef50026304)|Configure Windows SQL machines to create the Microsoft Defender for SQL user-defined pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Use the user-provided Log Analytics workspace to store audit records. Create a resource group and a Data Collection Rule in the same region as the user-provided Log Analytics workspace. |DeployIfNotExists, Disabled |[1.1.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_UserWorkspacePipeline_VM.json)|
29
+
|[\[Preview\]: Configure Windows SQL virtual machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fc859b78a-a128-4376-a838-e97ce6625d16)|Configure Windows SQL virtual machines to create the default Microsoft Defender for SQL pipeline using Azure Monitor Agent. Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group, a Data Collection Rule and Log Analytics workspace in the same region as the machine to store audit records. |DeployIfNotExists, Disabled |[1.1.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Security%20Center/MDC_DfSQL_AMA_DefaultPipeline_VM.json)|
30
30
|[\[Preview\]: Configure Windows Virtual Machines to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fb6faa975-0add-4f35-8d1c-70bba45c4424)|Deploy Association to link Windows virtual machines to specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations and OS images are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/DCRA_Windows_VM_DINE.json)|
31
31
|[\[Preview\]: Configure Windows VMSS to be associated with a Data Collection Rule for ChangeTracking and Inventory](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2F8fd85785-1547-4a4a-bf90-d5483c9571c5)|Deploy Association to link Windows virtual machine scale sets to specified Data Collection Rule to enable ChangeTracking and Inventory. The list of locations and OS images are updated over time as support is increased. |DeployIfNotExists, Disabled |[1.0.0-preview](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/ChangeTrackingAndInventory/DCRA_Windows_VMSS_DINE.json)|
32
32
|[Activity log should be retained for at least one year](https://portal.azure.com/#blade/Microsoft_Azure_Policy/PolicyDetailBlade/definitionId/%2Fproviders%2FMicrosoft.Authorization%2FpolicyDefinitions%2Fb02aacc0-b073-424e-8298-42b22829ee0a)|This policy audits the activity log if the retention is not set for 365 days or forever (retention days set to 0). |AuditIfNotExists, Disabled |[1.0.0](https://github.com/Azure/azure-policy/blob/master/built-in-policies/policyDefinitions/Monitoring/ActivityLogRetention_365orGreater.json)|
0 commit comments