Control: Azure > SQL > Server > Auditing

Define the auditing settings required for Azure > SQL > Server.

Auditing for Azure SQL Server tracks server events and writes them to an audit log in your Azure Storage account, Log Analytics workspace or Event Hubs. This control determines whether the resource auditing is set to your desired Azure Storage account with desired retention days.

An auditing policy can be defined for a specific database or as a default server policy. A server policy applies to all existing and newly created databases on the server. Azure recommends to enable only server-level blob auditing and leave the database-level auditing disabled for all databases.

The Auditing control compares the auditing settings against the auditing policies for the resource (Azue > SQL > Server > Auditing > *), raises an alarm, and takes the defined enforcement action

Resource Types

This control targets the following resource types:

Azure > SQL > Server

Policies

The following policies can be used to configure this control:

Azure > SQL > Server > Auditing

This control type relies on these other policies when running actions:

Permissions

Cloud permissions used by this control and its actions:

microsoft.sql/servers/auditingsettings/write
microsoft.storage/storageaccounts/listkeys/action
microsoft.storage/storageaccounts/read

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-sql#/control/types/serverAuditing

Category URI

tmod:@turbot/turbot#/control/categories/resourceLogging

GraphQL

query controlType(id: "tmod:@turbot/azure-sql#/control/types/serverAuditing") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-sql#/control/types/serverAuditing'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-sql#/control/types/serverAuditing"