Skip to content
Nuclei Templates

Azure Network Watcher Service Not Enabled

ID: azure-network-watcher

Severity: high

Author: princechaddha

Tags: cloud,devops,azure,microsoft,network-watcher,azure-cloud-config

Description

Section titled “Description”

Ensure that Azure Network Watcher service is enabled for all regions in your Microsoft Azure subscription to help monitor and diagnose conditions at the network level.

YAML Source

Section titled “YAML Source”
id: azure-network-watcher
info:
  name: Azure Network Watcher Service Not Enabled
  author: princechaddha
  severity: high
  description: |
    Ensure that Azure Network Watcher service is enabled for all regions in your Microsoft Azure subscription to help monitor and diagnose conditions at the network level.
  impact: |
    Not having Azure Network Watcher enabled can prevent effective monitoring and diagnosing of network conditions, increasing the risk of network failures going undetected.
  remediation: |
    Enable Azure Network Watcher in all regions of your Microsoft Azure subscription. Refer to Azure documentation on how to enable and manage Azure Network Watcher.
  reference:
    - https://docs.microsoft.com/en-us/azure/network-watcher/network-watcher-monitoring-overview
  tags: cloud,devops,azure,microsoft,network-watcher,azure-cloud-config


self-contained: true
code:
  - engine:
      - sh
      - bash
    source: |
      az network watcher list --query '[*].{"location":location,"provisioningState":provisioningState,"resourceGroup":resourceGroup}' --output json


    matchers:
      - type: word
        words:
          - '[]'


    extractors:
      - type: dsl
        dsl:
          - '"Azure Network Watcher is not enabled in all locations."'
# digest: 4b0a00483046022100b1bf9d1c734788d9531b9e0c5fecda0f147f01dc1646bc0e54ca059c866ad9b90221009991748f37923a08d5536665033279d67912a154055e2b2646b888c74b20b9d9:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "cloud/azure/network/azure-network-watcher.yaml"

View on Github