One of the most anxiously anticipated and long-awaited feature additions to the Azure SQL Database, introduced to Azure Preview just this past August 2014 and added to the Azure Portal and Powershell on October 9, 2014, is the ability to audit various database actions and events, including:
- Access to data
- Schema changes (DDL)
- Data changes (DML)
- Accounts, roles, and permissions (DCL)
- Security exceptions
These are very useful for anyone who wants to:
- Retain an audit trail of selected events. Define categories of database actions and events to be logged.
- Report on database activity. Use preconfigured reports and a dashboard to get started quickly with activity and event reporting.
- Analyze reports. Find suspicious events, unusual activity, and trends.
SQL Database Auditing increases an organization’s ability to gain deep insight into events and changes that occur within their SQL database, including updates and queries against the data. Using a very simple and intuitive configuration interface, you can now have Auditing up and running on your database within minutes. Auditing is available for all Basic, Standard and Premium databases, and configurable via the new Azure Preview Portal or via standard APIs.
With auditing enabled on your database, you immediately have a repository of valuable data that can serve a variety of objectives.
- Streamline compliance-related activities
Auditing is a valuable tool that can be used to help organizations meet various industry compliance requirements and regulations, such as PCI-DSS, SOX or HIPAA. Many such regulations require an audit trail on data-related activities against the underlying databases.
- Gain Insight about database activity
Retaining an audit trail means that you now know exactly what activity is taking place on your database, by whom and when. This can readily be used to enhance business visibility; such data can help to identify business trends or potentially indicate business concerns. For instance, an analysis of the data may identify a drop in activity levels over time in a database located in a particular geographic location, which can then be addressed by the business.
- Identify suspected security violations
An analysis of audit data can expose discrepancies and anomalies in data-related activities across the organization. This can lead to the identification of potential security incidents.
For those who prefer scripting for database management, you can now configure and manage Auditing using PowerShell. Every action taken on Auditing in the portal can also be done via PowerShell commands. The available Auditing cmdlets are as follows:
- Get the current auditing policy of a database
- Get the current auditing policy of a database server
- Set auditing policy for a database server
- Disable auditing on a specific database
- Disable auditing on a specific database server
- Set a specific database to use its server’s auditing policy
Microsoft provides a wealth of useful resources that will help you get started with Auditing. For a great place to start to learn more about Auditing and how to set it up, take a look at the Channel 9 episode “Auditing in Azure SQL Database.”
Another site to bookmark and refer to is the Microsoft Azure Trust Center.
Auditing will help you achieve and maintain regulatory compliance, improve application development, and rapidly troubleshoot any database difficulties that may arise.
If you’d like to discuss auditing of your Azure SQL Database, please contact Hanu at 800-520-1816.