Azure_SQLServers_2

Ensure that AuditActionGroups ' in ' auditing ' policy for a SQL server is set properly

Description

Configure the ‘ AuditActionGroups ‘ property to appropriate groups to capture all the critical activities on the SQL Server and all the SQL databases hosted on the SQL server.

Remediation

On Azure Console, There is no Provision to check or change AuditActionGroup property.

Perform the following in Azure PowerShell:

To create Audit profile with prescribed ‘ AuditActionGroup ‘.

Set-AzureRmSqlServerAuditingPolicy -ResourceGroupName <resourceGroup> -ServerName <serverName> -StorageAccountName storageAccountName -AuditActionGroup SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, FAILED_DATABASE_AUTHENTICATION_GROUP -RetentionInDays <number >= 90>

References:

https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions?view=sql-server-2017#database-level-audit-action-groups
https://docs.microsoft.com/en-us/powershell/module/azurerm.sql/set-azurermsqlserverauditingpolicy?view=azurermps-6.5.0

Ensure that AuditActionGroups ' in ' auditing ' policy for a SQL server is set properly

Description

Remediation

Service

Severity

Compliance

Mapping

Cloudlytics

CLOSE

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!

Ensure that AuditActionGroups ' in ' auditing ' policy for a SQL server is set properly

Description

Remediation

Service

Severity

Compliance

Mapping

CLOSE

We are now live on AWS Marketplace. The integrated view of your cloud infrastructure is now easier than ever!

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!