安全中心：确保Azure KeyVault的日志记录为“已启用” [英] Security Center: Ensure that logging for Azure KeyVault is 'Enabled'

问题描述

在安全中心，我们建议确保为我们的密钥保险库"启用"日志记录。 

Under security center we are being advised to ensure logging is 'enabled' for our key vaults. 

它将我们的保险库列为"不健康的资源"。并建议我们打开诊断程序。

It is listing our vaults as "unhealthy resources" and advising us to switch on diagnostics.

我已经为每个诊断程序激活了诊断程序，门户网站显示它们已连接到我设置的Log Ananlytics Workspace。 "AuditEvent"选择了日志架构以及"所有指标"

I already have diagnostics active for each of them, the portal is showing them as connected to the Log Ananlytics Workspace I set up. The "AuditEvent" log schema is selected as well as 'all metrics'

三天之后，我仍然看到安全中心的错误，说明它们未启用。

After three days I'm still seeing the error under security center saying that they are not enabled.

还有什么我们需要做的吗？

Is there anything else we need to do?

谢谢

Dan

推荐答案

您可以使用以下命令检查诊断设置的状态 -  

Can you check the status of your diagnostics settings using the below commands - 

kv = Get-AzKeyVault -VaultName'< Your Key Vault>'
Get-AzDiagnosticSetting -ResourceId

kv = Get-AzKeyVault -VaultName '<Your Key Vault>'
Get-AzDiagnosticSetting -ResourceId

kv.ResourceId

kv.ResourceId

这篇关于安全中心：确保Azure KeyVault的日志记录为“已启用”的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！