Azure / missionlz

Azure landing zone for SCCA-compliant organizations.
MIT License

Suggest Centralized Log Analytics Workspace in Management Tier for Log Consolidation and Sentinel Enablement #197

Closed johnsblevins closed 3 years ago

johnsblevins commented 3 years ago

Suggest moving the Log Analytics workspace out of the saca hub grouping to a separate management tier for future consolidation of all log sources (not just Azure Firewall and Net Flow/NSG logs). Also consider adding the "Security" Solution (Sentinel) out of the box.

brooke-hamilton commented 3 years ago

@johnsblevins we have an existing work item for moving log analytics to tier 1: #128. For Sentinel, let's talk about adding this to our backlog.

brooke-hamilton commented 3 years ago

Scope for this issue is now part of #128 and #256. @johnsblevins thank you for this feedback.