Control: Azure > CIS v2.0 > 04 - Database Services > 4.01 SQL Server - Auditing
Auditing for Azure SQL Servers and SQL Databases tracks database events and writes them to an audit log in an Azure storage account, Log Analytics workspace, or Event Hubs. Auditing helps to maintain regulatory compliance, understand database activity, and gain insight into discrepancies and anomalies that could indicate business concerns or suspected security violations. Auditing enables and facilitates adherence to compliance standards, although it doesn't guarantee compliance. The default auditing profile set on a SQL server is inherited by all SQL databases that are part of that server.
Primary Policies
The following policies can be used to configure this control:
- 4.01 SQL Server - Auditing > 4.01.01 - Ensure that 'Auditing' is set to 'On'
- 4.01 SQL Server - Auditing > 4.01.02 - Ensure no Azure SQL Databases allow ingress from 0.0.0.0/0 (ANY IP)
- 4.01 SQL Server - Auditing > 4.01.03 - Ensure SQL server's Transparent Data Encryption (TDE) protector is encrypted with Customer-managed key
- 4.01 SQL Server - Auditing > 4.01.04 - Ensure that Azure Active Directory Admin is Configured for SQL Servers
- 4.01 SQL Server - Auditing > 4.01.05 - Ensure that 'Data encryption' is set to 'On' on a SQL Database
- 4.01 SQL Server - Auditing > 4.01.06 - Ensure that 'Auditing' Retention is 'greater than 90 days'
- 4.01 SQL Server - Auditing
Developers
- Control Type URI: tmod:@turbot/azure-cisv2-0#/control/types/s0401
- Category URI: tmod:@turbot/cis#/control/categories/cis
- Get Controls (CLI): turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv2-0#/control/types/s0401"