Azure SQL Server with Auditing written to Log Analytics
This template allows you to deploy an Azure SQL server with Auditing enabled to write audit logs to Log Analytics (OMS workspace)
In order to send audit events to Log Analytics, set auditing settings with 'Enabled' state and set 'IsAzureMonitorTargetEnabled' as true. Also, configure Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the 'master' database (for server level auditing).
Auditing for Azure SQL Database and Azure Synapse Analytics tracks database events and writes them to an audit log in your Azure storage account, Log Analytics workspace or Event Hubs.
For more information on SQL database auditing, see the official documentation.
Enable Auditing of Microsoft support operations (isMSDevOpsAuditEnabled) to tracks Microsoft support engineers'(DevOps) operations on your server and write them to an audit log in your Log Analytics.
For more information on Auditing of Microsoft support operations, see the official documentation.
Tags: Microsoft.OperationalInsights/workspaces, Microsoft.Sql/servers, Microsoft.Sql/servers/databases, Microsoft.Insights/diagnosticSettings, Microsoft.Sql/servers/auditingSettings, Microsoft.Sql/servers/devOpsAuditingSettings