Ensure that the functions managed with Microsoft Azure Function App are configured to use Azure Monitor Application Insights. Application Insights is a robust APM solution designed to cater to the needs of both developers and DevOps experts. By enabling this service, you can effortlessly set up continuous monitoring for your serverless application. Application Insights excels at identifying performance irregularities and offers a suite of potent analytical tools to assist you in troubleshooting problems and gaining deep insights into user interactions with your application.
PoC代码[已公开]
id: azure-functionapp-appinsights-missing
info:
name: Application Insights Integration for Azure Function Apps
author: princechaddha
severity: high
description: |
Ensure that the functions managed with Microsoft Azure Function App are configured to use Azure Monitor Application Insights. Application Insights is a robust APM solution designed to cater to the needs of both developers and DevOps experts. By enabling this service, you can effortlessly set up continuous monitoring for your serverless application. Application Insights excels at identifying performance irregularities and offers a suite of potent analytical tools to assist you in troubleshooting problems and gaining deep insights into user interactions with your application.
impact: |
Without integration with Application Insights, Azure Function Apps may lack comprehensive monitoring, impacting the visibility and troubleshooting of performance issues.
remediation: |
Configure your Azure Function Apps to integrate with Application Insights to enable detailed monitoring and analytics capabilities.
reference:
- https://docs.microsoft.com/en-us/azure/azure-monitor/app/app-insights-overview
tags: cloud,devops,azure,microsoft,application-insights,azure-cloud-config
flow: |
code(1);
for (let AppData of iterate(template.functionApps)) {
AppData = JSON.parse(AppData);
set("name", AppData.name);
set("resourceGroup", AppData.resourceGroup);
code(2);
}
self-contained: true
code:
- engine:
- sh
- bash
source: |
az functionapp list --query '[*].{name:name, resourceGroup:resourceGroup}' --output json
extractors:
- type: json
name: functionApps
internal: true
json:
- '.[]'
- engine:
- sh
- bash
source: |
az functionapp config appsettings list --name $name --resource-group $resourceGroup --query '[*].name' --output json
matchers-condition: and
matchers:
- type: word
words:
- "APPINSIGHTS_INSTRUMENTATIONKEY"
negative: true
- type: word
part: body
words:
- "["
extractors:
- type: dsl
dsl:
- 'name + " does not have Application Insights integration enabled"'
# digest: 4b0a0048304602210082a64b233178e9ce47ccfceb680640f78708d5703000894d83f21e8a9d1a0e54022100ee286e0af191b5cffca3c962d83ed8ffb799ddb72dc6205a63ee8286750e3055:922c64590222798bb761d5b6d8e72950