Azure SQL Server with Auditing written to Log Analytics

Azure Public Test Date Azure Public Test Result

Azure US Gov Last Test Date Azure US Gov Last Test Result

Best Practice Check Cred Scan Check

Deploy To Azure

Bicep Version

Deploy To Azure US Gov Visualize

This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Log Analytics (OMS workspace)

In order to send audit events to Log Analytics, set auditing settings with 'Enabled' state and set 'IsAzureMonitorTargetEnabled' as true. Also, configure Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the 'master' database (for server level auditing).

Auditing for Azure SQL Database and Azure Synapse Analytics tracks database events and writes them to an audit log in your Azure storage account, Log Analytics workspace or Event Hubs.

For more information on SQL database auditing, see the official documentation.

Enable Auditing of Microsoft support operations (isMSDevOpsAuditEnabled) to tracks Microsoft support engineers'(DevOps) operations on your server and write them to an audit log in your Log Analytics.

For more information on Auditing of Microsoft support operations, see the official documentation.

Tags: Microsoft.OperationalInsights/workspaces, Microsoft.Sql/servers, Microsoft.Sql/servers/databases, Microsoft.Insights/diagnosticSettings, Microsoft.Sql/servers/auditingSettings, Microsoft.Sql/servers/devOpsAuditingSettings