Azure SQL server without desired audit action groups configured

Logging and monitoring

Azure SQL server without desired audit action groups configured

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
coppa
CPRA
Data Security Posture Management (DSPM) Best Practices
ISO/IEC 27001
Microsoft Cloud Security Benchmark
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA

Description

The SQL Server Audit feature enables you to audit server-level groups of events and individual events. SQL Server audits consist of zero or more audit action items. These audit action items can be either a group of actions, such as Server_Object_Change_Group, or individual actions such as SELECT operations on a table.

Recommended Mitigation

It's recommended to configure '{AzureSqlDbServer}' with the following action groups: 'SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP', 'FAILED_DATABASE_AUTHENTICATION_GROUP' and 'BATCH_COMPLETED_GROUP'.

Azure SQL server without desired audit action groups configured

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS