MEDIUM
Source
CloudSploit
ID
database-auditing-enabled

Database Auditing Enabled

Ensures that SQL Database Auditing is enabled

Enabling SQL Database Auditing ensures that all database activities are being logged properly, including potential malicious activity.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Microsoft Azure Management Console.

  2. Select the “Search resources, services, and docs” option at the top and search for “SQL databases”. Step

  3. On the “SQL database” page, select the SQL database that needs to be examined and click on its “Name” to reach its configuration page.Step

  4. On the selected “SQL database” page, scroll down the left navigation panel and select “Auditing” under “Security”.Step

  5. On the “Auditing configuration page”, verify the “Enable Azure SQL Auditing” staus. If it’s set to “OFF” then “SQL database Auditing” is not enabled for the selected “SQL database.” Step

  6. To enable Auditing for SQL database, on the “Auditing configuration page”, turn the toggle status to “ON” and under “Audit log destination select from the “Storage /Log Analytics/ Event Hub” as per the availability.

  7. Click on the “Save” button at the top to make the necessary changes.

  8. Repeat steps number 3 - 7 to ensure that auditing is enabled for each SQL database.