search
Sprinto DashboardAPI Reference

How to resolve Sprinto check for enabling Azure Virtual Network flow logs

Enable Azure Virtual Network flow logs to meet Sprinto monitoring requirements and ensure network traffic is captured for security and compliance visibility.

hashtag
About

Sprinto Check: Azure virtual network flow logs should be captured

Sprinto verifies that Azure network traffic is logged to ensure visibility into ingress and egress activity for security monitoring and investigations. As Azure has deprecated Network Security Group (NSG) flow logs, Sprinto now evaluates Virtual Network flow logs directly.

This article explains how to enable Virtual Network flow logs in Azure and re-evaluate the check in Sprinto so the monitor passes successfully.

hashtag
Prerequisites

Before you begin, ensure that:

  • You have Contributor or higher access in the Azure subscription

  • Network Watcher is enabled in the Azure region

  • At least one Virtual Network, Subnet, or Network Interface exists

  • A Storage Account is available to store flow logs

  • You have access to the Sprinto dashboard

hashtag
Procedure

hashtag
Enable Virtual Network flow logs (Azure portal)

  1. Sign in to the Microsoft Azure portal.

  2. From the home page, select Network Watcher.

  1. In the left navigation, select Flow logs.

  2. Click Create.

  1. Under Project details, select the required Subscription.

  2. Under Flow log type, select Virtual network.

circle-exclamation

Network Security Group flow logs are deprecated and cannot be selected

  1. Click Select target resource and choose Virtual network.

  2. Select one or more virtual networks and click Confirm selection.

  1. Under Instance details, select a Storage account.

  2. Set Retention (days) to a value greater than 0.

  1. Click Review + create.

  2. Review the configuration and click Create.

Azure will now start capturing Virtual Network flow logs.

hashtag
Re-evaluate the check (Sprinto dashboard)

  1. Log in to the Sprinto dashboard.

  2. Navigate to Monitoring.

  1. Locate the Azure flow log–related check.

  2. Open the check details page.

  3. Click Evaluate now.

Sprinto fetches the updated configuration from Azure and updates the check status accordingly.

hashtag
Key notes

  • Sprinto no longer relies on Network Security Group flow logs.

  • Virtual Network flow logs automatically cover:

    • Subnets

    • Network interfaces

  • If flow logs are enabled at:

    • The virtual network level or

    • All associated subnets or network interfaces the check passes.

  • Retention days must be greater than 0.

  • After enabling flow logs, always re-run the check using Evaluate now.

PreviousHow to resolve Sprinto check for enabling GCP VPC flow logNextHow to resolve Sprinto check for capturing flow logs on Oracle Cloud Virtual Cloud Network (VCN)

Last updated