Configure and access audit logs in the Azure portal

You can configure the Azure Database for MariaDB audit logs and diagnostic settings from the Azure portal.

Prerequisites

To step through this how-to guide, you need:

Configure audit logging

Important

It is recommended to only log the event types and users required for your auditing purposes to ensure your server's performance is not heavily impacted.

Enable and configure audit logging.

  1. Sign in to the Azure portal.

  2. Select your Azure Database for MariaDB server.

  3. Under the Settings section in the sidebar, select Server parameters. Server parameters

  4. Update the audit_log_enabled parameter to ON. Enable audit logs

  5. Select the event types to be logged by updating the audit_log_events parameter. Audit log events

  6. Add any MariaDB users to be excluded from logging by updating the audit_log_exclude_users parameter. Specify users by providing their MariaDB user name. Audit log exclude users

  7. Once you have changed the parameters, you can select Save. Or you can Discard your changes. Save

Set up diagnostic logs

  1. Under the Monitoring section in the sidebar, select Diagnostic settings.

  2. Select on "+ Add diagnostic setting" Add diagnostic setting

  3. Provide a diagnostic setting name.

  4. Specify which data sinks to send the audit logs (storage account, event hub, and/or Log Analytics workspace).

  5. Select "MySqlAuditLogs" as the log type. Configure diagnostic setting

  6. Once you've configured the data sinks to pipe the audit logs to, you can select Save. Save diagnostic setting

  7. Access the audit logs by exploring them in the data sinks you configured. It may take up to 10 minutes for the logs to appear.

Next steps

  • Learn more about audit logs in Azure Database for MariaDB
  • Learn how to configure audit logs in the Azure CLI