Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Severity : High

Description: Endpoint Logging This control ensures that all requests to a CDN endpoint are loggedCDN endpoints have logging enabled and endpoints requests are being logged. CDN endpoint represents a specific configuration of content deliver behavior and access. Diagnostics logs allow to export basic usage metrics from CDN endpoint to storage or log analytics workspace.

Remediation Steps: Ensure that diagnostic logging is enabled for each CDN endpoint for each CDN profile

Perform following to enable logging for CDN endpoint :

  1. Login to Azure Portal usingĀ https://portal.azure.com.

  2. Navigate to All resources.

  3. Search for CDN Profile, and select the CDN profile for the endpoint.

  4. Under Endpoint section, Select CDN endpoint to enable diagnostics logs.

  5. In select endpoint details, navigate to Diagnostic logs.

  6. To use Storage account store logs

    1. Enter Diagnostic setting name.

    2. Select Archive to a storage account, then select CoreAnalytics.

    3. For Retention (days), choose the number of retention days.

    4. Select the subscription and storage account for the logs.

    5. Select Save.

  7. To use Log Analytics for the logs.

    1. Enter Diagnostic setting name.

    2. Select Send to Log Analytics, then select CoreAnalytics.

    3. Select the subscription and storage account for the logs.

    4. Select Save.

  8. To use an Event Hub for the logs

    1. Enter Diagnostic setting name.

    2. Select Send to Log Analytics, then select CoreAnalytics.

    3. Select the subscription and storage account for the logs.

    4. Select Save.

Important:

Reference: