Auditing Microsoft support operations
Applies to: 
Azure SQL Database
Azure Synapse Analytics
Auditing of Microsoft support operations for your logical server in Azure SQL Database allows you to audit Microsoft support engineers' operations when they need to access your server during a support request. The use of this capability, along with your auditing, enables more transparency into your workforce and allows for anomaly detection, trend visualization, and data loss prevention.
Auditing of Microsoft support operations includes the following set of action groups, which audit all queries executed against the database, as well as successful and failed logins by Microsoft support engineers:
- BATCH_COMPLETED_GROUP
- SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP
- FAILED_DATABASE_AUTHENTICATION_GROUP
Enable auditing
To enable auditing of Microsoft support operations, Go to the Azure portal.Navigate to Auditing under the Security heading in your Azure SQL server pane, and switch Enable Auditing of Microsoft support operations to ON.
To review the audit logs of Microsoft support operations in your Log Analytics workspace, use the following query:
AzureDiagnostics
| where Category == "DevOpsOperationsAudit"
You have the option of choosing a different storage destination for this auditing log, or use the same auditing configuration for your server.
See also
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for