Ensure that the database auditing policy attached to your Microsoft Azure SQL servers has a sufficient log data retention period, i.e. 90 days or more, configured for reliability and compliance purposes. The retention period represents the number of days to retain audit log data for the databases hosted on Azure SQL servers.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
A log data retention period of 90 days or more, should allow you to collect the necessary amount of audit data useful to check for anomalies and potential security breaches, or misuse of information and access to your SQL database.
Audit
To determine if your SQL database auditing policy have a sufficient log data retention period, perform the following actions:
Remediation / Resolution
To extend audit log data retention period for your Microsoft Azure SQL database servers, perform the following actions:
References
- Azure Official Documentation
- Get started with SQL database auditing
- CIS Microsoft Azure Foundations
- Azure Command Line Interface (CLI) Documentation
- SQL
- Get-AzSqlServer
- Get-AzSqlServerAuditing
- Set-AzSqlServerAuditing
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
SQL Auditing Retention
Risk Level: Medium