Azure SQL Database must generate audit records when unsuccessful logons or connection attempts occur.

An XCCDF Rule

Details
Profiles

Description

For completeness of forensic analysis, it is necessary to track failed attempts to log on to Azure SQL Database. While positive identification may not be possible in a case of failed authentication, as much information as possible about the incident must be captured.

ID: SV-255369r961824_rule
Version: ASQL-00-014800
Severity: Medium
References: CCI-000172
Updated: 6 days ago

Remediation Templates

Deploy an Azure SQL Database audit.

Refer to the supplemental file "AzureSQLDatabaseAudit.txt" PowerShell script.

Reference: 
https://docs.microsoft.com/en-us/powershell/module/az.sql/set-azsqlserveraudit">https://docs.microsoft.com/en-us/powershell/module/az.sql/set-azsqlserveraudit

Azure SQL Database must generate audit records when unsuccessful logons or connection attempts occur.

Description

Remediation Templates

A Manual Procedure