Network Security Group Flow Log retention period should be 'greater than 90 days'

azure.networkwatcher
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

To ensure sufficient data retention, it is recommended to set the retention period for your Network Security Group Flow Logs to a minimum of 90 days. By default, the flow logs for Network Security Groups are disabled, so it is essential to enable them to capture information about IP traffic. The logs provide valuable insights into any anomalies or potential breaches, helping you in monitoring and securing your network. However, it is important to consider that increasing the data retention period may lead to higher monthly storage costs based on your data usage.

Remediation

From the console

  1. Go to Network Watcher and select NSG flow logs blade in the Logs section.
  2. Select each Network Security Group from the list.
  3. Ensure Status is set to On.
  4. Ensure Retention (days) setting is greater than 90 days.
  5. Select your storage account in the Storage account field.