Azure Monitor
      Back to home
      1. Knowledge Base
      2. Azure Knowledge Base
      3. Azure Monitor

      Key Vault No Diagnostic Settings

      Risk Level: Low

      Description: 

      This plugin guarantees that key vaults have diagnostic settings. When you enable Send to Log Analytics, you can be certain that all of your Key Vault logs will be appropriately monitored and handled.

      As a Key Management solution, Azure Key Vault may be utilized. Azure Key Vault makes it simple to generate and manage encryption keys for your data.

      PingSafe strongly recommends ensuring diagnostic settings for the key vault.

      About the Service :

      Azure Monitor can help you improve the availability and performance of your apps and services. It provides a complete solution for gathering, evaluating, and responding to telemetry from the cloud and on-premises settings. This data enables you to better understand how your apps are doing and to detect concerns that may harm them or the resources they rely on in the future.

      Impact : 

      The type of metric and log data to send to the destinations selected in the diagnostic settings is configured. The available kinds differ depending on the resource type.

      Steps to Reproduce :

      1. Sign in to your Azure portal with your Azure account.
        https://portal.azure.com/#home 
      2. Navigate to Azure’s Key Vaults.
      3. Next, move to Diagnostics Settings under Monitoring.
      4. Check if there are any diagnostic settings available for the key vaults. If there are no diagnostic settings that means that the vulnerability exists.
      5. Follow the same steps for other security groups as well.

      Steps for Remediation :

      1. Sign in to your Azure portal with your Azure account.
        https://portal.azure.com/#home 
      2. Navigate to Azure’s Key Vaults.
      3. Next, move to Diagnostics Settings under Monitoring.
      4. Check if there are any diagnostic settings available for the key vaults. If there are no diagnostic settings that means that the vulnerability exists.
      5. Click on Add diagnostic setting to add key vaults diagnostic settings. Next, click on Save.
      6. Follow the same steps for other security groups as well.

      References :

      Please feel free to reach out to support@pingsafe.ai with any questions that you may have.

      Thanks

      PingSafe Support