Logging and monitoring

Azure SQL server without desired audit action groups configured


The SQL Server Audit feature enables you to audit server-level groups of events and individual events. SQL Server audits consist of zero or more audit action items. These audit action items can be either a group of actions, such as Server_Object_Change_Group, or individual actions such as SELECT operations on a table.
  • Recommended Mitigation

    It's recommended to configure '{AzureSqlDbServer}' with the following action groups: 'SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP', 'FAILED_DATABASE_AUTHENTICATION_GROUP' and 'BATCH_COMPLETED_GROUP'.