Logging and monitoring

Network security group flow log retention period is less than 90 days


Logs can be used to check for anomalies and give insight into suspected breaches. Flow logs on network watcher {AzureNetworkFlowLog} have to be enabled, with retention set to 90 days or more. This allows you to capture information about IP traffic flowing in and out of network security groups.
  • Recommended Mitigation

    Consider configuring flow logs with a retention period greater than 90 days, or 0 if you want to retain data forever and do not want to apply any retention policy.
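
One way to evaluate exported flow log settings against this rule, as an added example that is not part of the original page or the scanning product's own code. The record shape (properties.enabled, properties.retentionPolicy.days) and the sample records are assumptions constructed for illustration; the 90-day threshold follows the rule title.

```python
"""Added example: evaluate flow log records against the 90-day retention rule."""

MIN_RETENTION_DAYS = 90  # threshold taken from the rule title
RETAIN_FOREVER = 0       # per the mitigation text: 0 keeps data forever

# Constructed sample records; the field layout is an assumption modelled on
# a flow log resource export (properties.enabled, retentionPolicy.days).
SAMPLE_FLOW_LOGS = [
    {"name": "fl-web", "properties": {"enabled": True, "retentionPolicy": {"days": 30}}},
    {"name": "fl-db", "properties": {"enabled": True, "retentionPolicy": {"days": 90}}},
    {"name": "fl-archive", "properties": {"enabled": True, "retentionPolicy": {"days": 0}}},
    {"name": "fl-off", "properties": {"enabled": False, "retentionPolicy": {"days": 365}}},
    {"name": "fl-bare", "properties": {"enabled": True}},
]


def evaluate_flow_log(record):
    """Return (status, reason) for one flow log record."""
    props = record.get("properties") or {}
    # A disabled flow log captures nothing, whatever its retention says.
    if not props.get("enabled", False):
        return "FAIL", "flow log is disabled"
    days = (props.get("retentionPolicy") or {}).get("days")
    # Missing, non-integer or negative values cannot satisfy the rule.
    if not isinstance(days, int) or isinstance(days, bool) or days < 0:
        return "FAIL", "retention period missing or invalid"
    if days == RETAIN_FOREVER:
        return "PASS", "retained forever (0 days)"
    if days < MIN_RETENTION_DAYS:
        return "FAIL", f"retention {days} days is less than {MIN_RETENTION_DAYS}"
    return "PASS", f"retention {days} days"


def audit(records):
    """Map each flow log name to its (status, reason) result."""
    return {r.get("name", "<unnamed>"): evaluate_flow_log(r) for r in records}


if __name__ == "__main__":
    for name, (status, reason) in audit(SAMPLE_FLOW_LOGS).items():
        print(f"{status}  {name}: {reason}")
```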