Saved-queries in Azure Monitor should be saved in customer storage account
MEDIUM
Ensures Azure Monitor saved queries are stored in a customer-owned storage account for data sovereignty.
What does this mean?
This recommendation ensures that saved queries in Azure Monitor Log Analytics are stored in a customer-managed storage account rather than the default service-managed storage, providing additional control over query data.
Benefits of implementation
- Full control over the storage location of saved queries
- Supports data sovereignty and residency requirements
- Enables customer-managed encryption of query data
Drawbacks and considerations
- Requires additional storage account configuration
- Minor operational overhead for storage management
- Must ensure storage account availability for query access
Implementation
Implementation guidance coming soon.
Related recommendations
Related recommendations will be linked here.
Frameworks
Details
- Risk Level
- MEDIUM
- Category
- Storage Security
- Azure Resource
- Frameworks
- 1 frameworks
- Last updated
- 2026-02-12