Ensure that the database auditing policy attached to your Microsoft Azure SQL servers has a sufficient log data retention period, i.e. 90 days or more, configured for reliability and compliance purposes. The retention period represents the number of days to retain audit log data for the databases hosted on Azure SQL servers.
A log data retention period of 90 days or more, should allow you to collect the necessary amount of audit data useful to check for anomalies and potential security breaches, or misuse of information and access to your SQL database.
Audit
To determine if your SQL database auditing policy have a sufficient log data retention period, perform the following actions:
Remediation / Resolution
To extend audit log data retention period for your Microsoft Azure SQL database servers, perform the following actions:
References
- Azure Official Documentation
- Get started with SQL database auditing
- CIS Microsoft Azure Foundations
- Azure Command Line Interface (CLI) Documentation
- SQL
- Get-AzSqlServer
- Get-AzSqlServerAuditing
- Set-AzSqlServerAuditing
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
SQL Auditing Retention
Risk level: Medium