Ensure that the "Auditing" feature is enabled within your Microsoft Azure SQL server configuration settings in order to monitor your SQL databases for security, compliance and troubleshooting purposes. Microsoft Azure allows an SQL server to be created as a service. Enabling auditing at the server level ensures that all existing and newly created databases on that SQL server are audited.
Once enabled, the SQL database auditing starts recording database events and writes them to an audit log created within your Azure Storage account, OMS workspace or Event Hub. The logging data recorded can be extremely useful for maintaining security and regulatory compliance, understand database activity and trends, and gain insight into anomalies that could indicate potential security violations.
Audit
To determine if database auditing is enabled for your Microsoft Azure SQL servers, perform the following actions:
Remediation / Resolution
To enable SQL database auditing for your Microsoft Azure SQL database servers, perform the following actions:
References
- Azure Official Documentation
- Get started with SQL database auditing
- CIS Microsoft Azure Foundations
- Azure Command Line Interface (CLI) Documentation
- SQL
- Get-AzSqlServer
- Get-AzSqlServerAuditing
- Set-AzSqlServerAuditing
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
Enable Auditing for SQL Servers
Risk level: Medium