Auditing Azure SQL

Question

Dear

Good morning

I need to clarify one more question regarding the Auditing service in Azure SQL Server and Database.

What specific differences exist between enabling Auditing at the SQL Server or Database level?

Thank you!

Answer 1

Hi @Fernando Gutierrez

Greetings!

As I understand it, you are looking for the specific differences between enabling Auditing at the SQL Server level versus the Database level.

Server-level and Database-level Auditing Policy

• You can configure both server and database level auditing.
• Server-level auditing is applicable for all databases (including any newly created databases).
• If you enable database level auditing, the database could be audited twice – once using the server auditing and another using database-level auditing. Therefore, you should enable database auditing in the case where any specific requirements are not met using the server level auditing. Otherwise, you should try to avoid enabling database level auditing. Server level auditing:  From Azure portal, go to the server security blade -> auditing and select Enable Azure SQL auditing. This will enable the server level audit for all databases Database Level auditing: Azure SQL Database audit is useful for tracking certain database events and storing them in your Azure storage account, Event Hubs or Log Analytics. In the following sections, we look at auditing for Azure SQL Database. To enable database level audit, In the azure portal go to database security blade -> auditing and select enable Azure SQL auditing. This will enable database level auditing. In the below screen shot you can see server level audit is disabled. but for your server if server level audit is enabled then you must check the reason why you still need database level audit Please find the Microsoft documentation link for help. https://www.mssqltips.com/sqlservertip/6732/azure-sql-database-auditing/ I hope this information helps. Please do let us know if you have any further queries.