Enable SQL MI logs related database drop/delete activity
We have an Azure SQL MI having number of databases on it . We have to enable audit logs of SQL MI from diagnostic settings and also enabled logs by executing queries on MI and sending those logs to event hub. We are getting up logs (select, Execute) but not able to see the logs related to database drop/delete activity
the blog (https://docs.imperva.com/en-US/bundle/cloud-data-security/page/78051.htm) I am using the for enabling audit log in Azure SQL MI, what I am missing any step plus we need to see/visualize the data/request that are coming to eventHub.
Create a new alert using portal or Azurecli
- Navigate to [Monitor Alerts]>>Select New alert rule>> Under Scope, click Select Resource>> subscription and click Done>> Under Condition, click Select Condition>>“Create/Update server firewall rule” >> Select Done >> Under Action group, click Select action group >> Select the desired action group to attach to the alert rule, or create one if needed, and click Select >> Enter an alert rule name and description >>Select a resource group>>Click Create alert rule.
Reference taken from Fugue.
az monitor activity-log alert create --name createUpdateSQLServerFirewallRule \ --resource-group <resource_group_name> \ --condition category="Administrative" and \ operationName="Microsoft.Sql/servers/firewallRules/write" \ --scope "/subscriptions/<subscription_id>" \ --action-group <action_group>
For database, deletion refer this.
az monitor activity-log alert create--name cc-delete-sql-database-alert--description "Alert triggered by Delete Azure SQL Database events"--resource-group Default-ActivityLogAlerts--action-group "/subscriptions/1234abcd-1234-abcd1234abcd1234abcd/resourcegroups/defaultactivitylogalerts/providers/microsoft.insights/actiongroups/cloudconformity%20action%20group" --condition category=Administrative andoperationName=Microsoft.Sql/servers/databases/delete
For SQL server Deletion:
- How to view docker-compose healthcheck logs?
- ServiceCollection does not contain a definition from "AddLogging"
- Log Rotating into a Directory using Python
- Python Logging (function name, file name, line number) using a single file
- Detect log file rotation (while watching log file for modification)
- Default logging file for spring boot application
- Python logging: create log if not exists or open and continue logging if it does
- Does RabbitMQ allow Audit Logging
- Caused By: java.lang.NoClassDefFoundError: org/apache/log4j/Logger
- How do I test that Sentry is reporting errors?
- How to disable all logging info to the spark console from .net application
- How to set the logging level for the elasticsearch library differently to my own logging?
- Is there a way to print cron-expressions in human readable form?
- LoggerFactory.getLogger cannot be resolved to a type
- @ error suppression operator and set_error_handler
- logging.file.max-history is not working in Spring Boot
- Filter Serilog logs to different sinks depending on context source?
- Extra info messages from Struts appearing during Weblogic 12c startup
- How to format Azure DevOps console Logs
- Application Insights Logging Exceptions as Trace
- Rails 7.1, log to STDOUT and log/production.log
- Logging custom elements Zend Log Formatter XML
- Printing to the console in Google Apps Script?
- How can I prevent sentry from capturing events for some uncaught exceptions and logging messages?
- Python Logging - How to inherit root logger level & handler
- python logging: email entire log file as attachment when level >= ERROR
- How to log exceptions in Java?
- Use logging print the output of pprint
- Add a "log" for a single function
- PyCharm logging output colours