Policy: Azure > SQL > Database > Auditing
Define the Auditing settings required for Azure > SQL > Database
.
Auditing for Azure SQL Database tracks database events and writes them to an audit log in your Azure Storage account, Log Analytics workspace or Event Hubs. This control determines whether the resource auditing is set to your desired Azure Storage account with desired retention days.
An auditing policy can be defined for a specific database or as a default server policy. A server policy applies to all existing and newly created databases on the server. Azure recommends to enable only server-level blob auditing and leave the database-level auditing disabled for all databases.
The Auditing control compares the auditing settings against the auditing policies for the resource (Azue > SQL > Database > Auditing > *), raises an alarm, and takes the defined enforcement action
Resource Types
This policy targets the following resource types:
Related Policies
Controls
Policy Specification
Schema Type |
|
---|---|
Default |
|
Valid Values [YAML] |
|
Examples [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/resourceLogging
- tmod:@turbot/azure-sql#/policy/types/databaseAuditing
- turbot graphql policy-type --id "tmod:@turbot/azure-sql#/policy/types/databaseAuditing"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-sql#/policy/types/databaseAuditing"
Get Policy TypeGet Policy Settings