Hi Mallaiah S
Overview: It's a security policy that sends diagnostic logs to Log Analytics in your Azure. Basically, this doesn't affect operation; it only affects compliance.
- Can you first check: does that storage account really exist in your Azure?
The compliance reason is "NOT FOUND"; maybe someone created it and deleted it after some time. If that's true, then it will soon start showing in a compliant state.
- If you want to make it compliant: Go to the storage, search in the left pane for "DIAGNOSTICS SETTING", manually create a diagnostic setting, and set the Log Analytics as per the policy definition. Refer to the snapshot for help.
Note: Attach the correct Log Analytics as mentioned in the policy definition; otherwise it won't work.
Step 2 is a workaround, since you said you don't have a remediation option and want to make it compliant. Once you have added the correct diagnostic setting, you need to wait for the policy to re-evaluate the value (which typically happens every 12 hours).
Step 3: If the diagnostic setting already exists and is set to the correct Log Analytics workspace but you are still getting non-compliant, then check whether the name of the diagnostic setting is the same as mentioned in the policy, since you will be creating it manually.
Search your policy definition for this detail, "default value: storageaccount diagnosticxxxxxx"; in this way your diagnostic name should be storageAccountsDiagnosticsLogsxxxxxx. Hope you understood the example.
    "diagnosticsSettingNameToUse": {
        "type": "String",
        "metadata": {
            "displayName": "Setting name",
            "description": "Name of the diagnostic settings."
        },
        "defaultValue": "storageAccountsDiagnosticsLogxxxxxx"
    }
--- If you find this helpful, please accept the answer ---
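
The check described in step 3, as an added example that is not part of the original answer: it reads the setting name from the policy parameter block quoted above and compares it, together with the workspace, against a resource's existing diagnostic settings. The function names, the workspace ID and the sample settings are constructed for illustration, and the input is assumed to be a list of objects with `name` and `workspaceId` fields, as printed by `az monitor diagnostic-settings list`.

```python
import json

# Parameter block in the shape quoted in the answer (placeholder name kept as-is).
POLICY_PARAMETERS = json.loads("""{
  "diagnosticsSettingNameToUse": {
    "type": "String",
    "metadata": {"displayName": "Setting name",
                 "description": "Name of the diagnostic settings."},
    "defaultValue": "storageAccountsDiagnosticsLogxxxxxx"
  }
}""")

# Constructed placeholder: the Log Analytics workspace the policy is assumed to require.
WORKSPACE_ID = ("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/"
                "rg-example/providers/Microsoft.OperationalInsights/workspaces/law-example")

# Constructed sample of a storage account's current diagnostic settings.
SAMPLE_SETTINGS = [
    {"name": "manual-diag", "workspaceId": WORKSPACE_ID},
]


def expected_name(parameters, assignment_values=None):
    """Setting name the policy uses: an assignment override if present, else the default."""
    override = (assignment_values or {}).get("diagnosticsSettingNameToUse", {})
    return override.get("value", parameters["diagnosticsSettingNameToUse"]["defaultValue"])


def check_settings(settings, name, workspace_id):
    """Return the reasons the resource may still show non-compliant (empty list = none)."""
    if not settings:
        return ["no diagnostic setting exists on the resource"]
    named = [s for s in settings if s.get("name") == name]  # exact match, strictest reading
    if not named:
        found = ", ".join(s.get("name", "?") for s in settings)
        return [f"no setting named {name!r} (found: {found})"]
    # Azure resource IDs are case-insensitive, so compare them lowercased.
    if not any((s.get("workspaceId") or "").lower() == workspace_id.lower() for s in named):
        return [f"setting {name!r} does not send to the expected workspace"]
    return []


if __name__ == "__main__":
    name = expected_name(POLICY_PARAMETERS)
    for reason in check_settings(SAMPLE_SETTINGS, name, WORKSPACE_ID) or ["ok"]:
        print(reason)
```

With the constructed sample, the manually created setting points at the right workspace but is reported because its name differs from the policy's default value.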