Free Assessment

Azure_SQLServers_2

Ensure that AuditActionGroups ' in ' auditing ' policy for a SQL server is set properly

Description

Configure the ‘ AuditActionGroups ‘ property to appropriate groups to capture all the critical activities on the SQL Server and all the SQL databases hosted on the SQL server.

Remediation

On Azure Console, There is no Provision to check or change AuditActionGroup property.

Perform the following in Azure PowerShell:

To create Audit profile with prescribed ‘ AuditActionGroup ‘.

Set-AzureRmSqlServerAuditingPolicy -ResourceGroupName <resourceGroup> -ServerName <serverName> -StorageAccountName storageAccountName -AuditActionGroup SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, FAILED_DATABASE_AUTHENTICATION_GROUP -RetentionInDays <number >= 90>

References:

  1. https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions?view=sql-server-2017#database-level-audit-action-groups
  2. https://docs.microsoft.com/en-us/powershell/module/azurerm.sql/set-azurermsqlserverauditingpolicy?view=azurermps-6.5.0

Service

Database Services

Severity

Medium

Compliance

Mapping

Want to Know More?

Learn how our partners are managing their cloud security and compliance with Cloudlytics.

I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.

Cloudlytics

Solutions

Resources

Company

Legal

Facebook Twitter Linkedin Youtube
Start Free Trial
Login

CLOSE

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!

Learn More