Azure Monitor

Load Balancer Log Analytics Disabled

Risk Level: Low

Description: 

This plugin guarantees that Load Balancer Log Analytics logs are transmitted to Azure Monitor correctly. When you enable Send to Log Analytics, all Load Balancer logs are appropriately monitored and controlled. The Azure Metrics in the Azure portal give multi-dimensional metrics for Azure Load Balancer, allowing you to receive real-time diagnostic insights into your load balancer resources.

PingSafe strongly recommends sending all diagnostic logs for Load Balancers from the Azure Monitor service to Log Analytics.

About the Service :

Azure Monitor can help you improve the availability and performance of your apps and services. It provides a complete solution for gathering, evaluating, and responding to telemetry from the cloud and on-premises settings. This data enables you to better understand how your apps are doing and to detect concerns that may harm them or the resources they rely on in the future.

Impact : 

The type of metric and log data to send to the destinations selected in the diagnostic settings is configured. The available kinds differ depending on the resource type. When you enable Send to Log Analytics, all Load Balancer logs are appropriately monitored and controlled.

Steps to Reproduce :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s Load Balancer in Load Balancing under Load Balancing Services.
  3. Next, move to Diagnostics Settings under Monitoring.
  4. Move to Edit Settings of the load balancer and check if the AllMetrices is checked or not. If it is unchecked, the vulnerability exists.
  5. Follow the same steps for other load balancers as well.

Steps for Remediation :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s Load Balancer in Load Balancing under Load Balancing Services.
  3. Next, move to Diagnostics Settings under Monitoring.
  4. Move to Edit Settings of the load balancer and check if the AllMetrices is checked or not. If it is unchecked, the vulnerability exists.
  5. Check the AllMetrices checkbox and click on Save.
  6. Follow the same steps for other load balancers as well.

References :

Please feel free to reach out to support@pingsafe.ai with any questions that you may have.

Thanks

PingSafe Support