Apply Diagnostic Settings for Network Security Groups

This policy automatically deploys diagnostic settings to network security groups.

Try on Portal

Try with PowerShell

$definition = New-AzPolicyDefinition -Name "apply-diagnostic-setting-network-security-group" -DisplayName "Apply Diagnostic Settings for Network Security Groups" -description "This policy automatically deploys diagnostic settings to network security groups." -Policy 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Monitoring/apply-diagnostic-setting-network-security-group/azurepolicy.rules.json' -Parameter 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Monitoring/apply-diagnostic-setting-network-security-group/azurepolicy.parameters.json' -Mode Indexed
$definition
$assignment = New-AzPolicyAssignment -Name <assignmentname> -Scope <scope> -storagePrefix <storagePrefix> -rgName <rgName> -PolicyDefinition $definition
$assignment 

Try with CLI

az policy definition create --name 'apply-diagnostic-setting-network-security-group' --display-name 'Apply Diagnostic Settings for Network Security Groups' --description 'This policy automatically deploys diagnostic settings to network security groups.' --rules 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Monitoring/apply-diagnostic-setting-network-security-group/azurepolicy.rules.json' --params 'https://raw.githubusercontent.com/Azure/azure-policy/master/samples/Monitoring/apply-diagnostic-setting-network-security-group/azurepolicy.parameters.json' --mode Indexed

az policy assignment create --name <assignmentname> --scope <scope> --params "{ 'storagePrefix': { 'value': '<storagePrefix>' }, 'rgName': { 'value': '<rgName>' } }" --policy "apply-diagnostic-setting-network-security-group"