I'm trying to remove all Select statements from Log Analytics of Microsoft Azure SQL server. I found in Microsoft docs that introducing PredicateExpression in Set-AzSQLServerAudit can help me to achieve this. I tried couple of expressions to disable the logs using Powershell Cmdlet, however I still see the logs with Select statements with the same pattern as in Predicate expression.
I tried with following predicate expression already, but it still I see Select statements.
Set-AzSqlServerAudit -ResourceGroupName "myresourcegroup" -ServerName "mysqlserver" -PredicateExpression "statement <> 'exec sp_executesql N%select%' or statement <> 'SELECT 1%'"
and also, with this one
Set-AzSqlServerAudit -ResourceGroupName "myresourcegroup" -ServerName "mysqlserver" –PredicateExpression “statement <> ‘exec sp_executesql N’select%’' or statement <> 'SELECT 1%'”
Anyone has idea where am I going wrong?
Could you please try the following predicate expression to see if it meets your expectations?
Set-AzSqlServerAudit -ResourceGroupName "myresourcegroup" -ServerName "mysqlserver" -PredicateExpression "statement not like '%select%'"