Same issue here on hundreds of VMs, only difference is that ours are already sending diagnostics to Log Analytics so I'm really not sure what it's complaining about.
How to fix Audit Diagnostic Setting recommendation (Security Center/Microsoft Defender for cloud)
The title of recommendation is Audit diagnostic Setting and the description: Audit diagnostic setting for selected resource types.
There is no automatic "Fix" button.
For most resources like Storage Accounts and App Services I opened the Diagonostic Settings on the resources and configured it to send the logs/metrics to Log Analytics workspace. But it complains for some resources that do not have "Diagnostic Settings" in the menu like:
- Virtual Network Gateway (VPN)
- SQL "master" Database (regular databases have this option and it worked fine for them)
- Virtual machine scale set for Azure Kubernetes Service
I tried to set it on "parent" resources (e.g. Virtual Network, SQL Server, Azure Kubernetes Service) but it did not help.