Flow logs should be configured for every NSG
MEDIUM
Ensures NSG flow logs are enabled to capture network traffic flowing through Network Security Groups.
What does this mean?
NSG flow logs record information about IP traffic flowing through Network Security Groups. This data is essential for network monitoring, security analysis, and understanding traffic patterns.
Benefits of implementation
- Full visibility into network traffic patterns
- Essential for security investigation and forensics
- Required for compliance and audit purposes
Drawbacks and considerations
- Storage costs for flow log data can be significant
- Requires storage account or Log Analytics destination
- Log analysis requires specialized tooling (Traffic Analytics)
Implementation
Implementation guidance coming soon.
Related recommendations
Related recommendations will be linked here.
Frameworks
Details
- Risk Level
- MEDIUM
- Category
- Logging & Monitoring
- Azure Resource
- Frameworks
- 1 frameworks
- Last updated
- 2026-02-12