Azure Monitor

Load Balancer No Diagnostic Settings

Risk Level: Low

Description: 

This plugin guarantees that load balancers have diagnostic settings. When you enable Send to Log Analytics, all Load Balancer logs are appropriately monitored and controlled. The Open Systems Interconnection (OSI) model's layer 4 is where Azure Load Balancer functions. It is the client's sole point of contact. Inbound flows that arrive at the load balancer's front end are distributed to backend pool instances by the load balancer.

PingSafe strongly recommends enabling diagnostic settings for load balancers.

About the Service :

Azure Monitor can help you improve the availability and performance of your apps and services. It provides a complete solution for gathering, evaluating, and responding to telemetry from the cloud and on-premises settings. This data enables you to better understand how your apps are doing and to detect concerns that may harm them or the resources they rely on in the future.

Impact : 

The type of metric and log data to send to the destinations selected in the diagnostic settings is configured. The available kinds differ depending on the resource type. When you enable Send to Log Analytics, all Load Balancer logs are appropriately monitored and controlled.

Steps to Reproduce :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s Load Balancer in Load Balancing under Load Balancing Services.
  3. Next, move to Diagnostics Settings under Monitoring.
  4. Check if there are any diagnostic settings available for the load balancer. If there are no diagnostic settings that means that the vulnerability exists.
  5. Follow the same steps for other security groups as well.

Steps for Remediation :

  1. Sign in to your Azure portal with your Azure account.
    https://portal.azure.com/#home 
  2. Navigate to Azure’s Load Balancer in Load Balancing under Load Balancing Services.
  3. Next, move to Diagnostics Settings under Monitoring.
  4. Check if there are any diagnostic settings available for the load balancer. If there are no diagnostic settings that means that the vulnerability exists.
  5. Next, click on Add diagnostic setting and then add the Load Balancer Diagnostic Setting and click on Save.
  6. Follow the same steps for other security groups as well.

References :

Please feel free to reach out to support@pingsafe.ai with any questions that you may have.

Thanks

PingSafe Support