This article provides more information on resolving the Azure integration has active log Alerts test.
How to Fix
- Navigate to a resource (VM, Database, Storage Account, etc.) in Azure and select logs under the monitoring section:
- Select Queries and select a query that makes sense for the resource or write your own:
-
Run the query to ensure data is returned
- Select New alert rule
- Walk through the rest of the required items from Azure, nothing is explicitly required in the next sections for the Vanta test to pass. More information on how to do this is documented here!
Common Reasons For Failure
- The query has been created, but an alert rule has not been created. Ensure that you have completely created and saved the alert rule.
- Ensure that the log alert is enabled. This can also be seen from the test data (see below)
- Vanta cannot see the the Alert Rule. Ensure that the test data shows the alerts in your Azure instance:
Example Data:
What Vanta is checking:
- Vanta is checking that at least one of these alerts exists on a resource in your account and that it is active. Your organization must determine which resources require alerts and which metrics are used in the alerts.
- If the test is not passing, ensure you have a resource with an alert with a signal type of "log search." To check this, navigate to the "Alerts" tab for a resource and select "Alert rules":
- Then check that the one that is enabled has the signal type of "log search":