Small Activity Log Retention Period

  • Query id: 37fafbea-dedb-4e0d-852e-d16ee0589326
  • Query name: Small Activity Log Retention Period
  • Platform: Ansible
  • Severity: Medium
  • Category: Observability
  • URL: Github

Description

Ensure that Activity Log Retention is set 365 days or greater
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
---
- name: Create a log profile
  azure_rm_monitorlogprofile:
    name: myProfile
    location: eastus
    locations:
      - eastus
      - westus
    categories:
      - Write
      - Action
    retention_policy:
      enabled: False
    storage_account:
      resource_group: myResourceGroup
      name: myStorageAccount
  register: output

- name: Create a log profile2
  azure_rm_monitorlogprofile:
    name: myProfile
    location: eastus
    locations:
      - eastus
      - westus
    categories:
      - Write
      - Action
    storage_account:
      resource_group: myResourceGroup
      name: myStorageAccount
  register: output

- name: Create a log profile3
  azure_rm_monitorlogprofile:
    name: myProfile
    location: eastus
    locations:
      - eastus
      - westus
    categories:
      - Write
      - Action
    retention_policy:
      enabled: True
      days: 50
    storage_account:
      resource_group: myResourceGroup
      name: myStorageAccount
  register: output

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
- name: Create a log profile
  azure_rm_monitorlogprofile:
    name: myProfile
    location: eastus
    locations:
    - eastus
    - westus
    categories:
    - Write
    - Action
    retention_policy:
      enabled: true
      days: 380
    storage_account:
      resource_group: myResourceGroup
      name: myStorageAccount
  register: output