Enable Cloud Detections for Azure Activity Logs to gain actionable insights into user, service, and resource activity in your Azure cloud environments. This feature provides comprehensive log ingestion and advanced XDR detections for Azure Audit Logs, Azure VNET Flow Logs, and Azure AI Services.
You can enable Cloud Detections for Azure Activity Logs on both new and existing Azure subscriptions in Cloud Accounts.
Note
To enable this feature, you must have the Key Vault Secrets Officer role assigned in Azure. This role is required to create and manage secrets in Azure Key Vault during deployment.

Procedure

  1. Enable Cloud Detections for Microsoft Azure Activity Logs for a new or existing Azure subscription:
    1. Go to Cloud Security > Cloud Accounts.
    2. Click the Azure tab.
    3. Click Add Subscription or select an Azure subscription from the list.
    4. On the Features and Permissions page (if you are adding a new subscription), or the Resource Update tab (if you are configuring an existing subscription), enable Cloud Detections for Azure Activity Logs.
  2. Save your changes. If you are adding a new Azure subscription, complete the steps to add the subscription. For more information, see Connect a single Azure subscription.