SQL Server auditing is disabled Affecting Database service in Azure

Severity Framework Snyk CCSS

Rule category Logging / Audit

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Azure CIS-Controls

Snyk ID SNYK-CC-00535
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Audit records may not be available during investigation.

How to fix?

Set extendedAuditingSettings sub resource.

Terraform

azurerm_mssql_server_extended_auditing_policy

References

Auditing for Azure SQL Database and Azure Synapse Analytics