| Plugin Title | Database Auditing Enabled |
| Cloud | AZURE |
| Category | SQL Databases |
| Description | Ensures that SQL Database Auditing is enabled |
| More Info | Enabling SQL Database Auditing ensures that all database activities are being logged properly, including potential malicious activity. |
| AZURE Link | https://docs.microsoft.com/en-us/azure/security-center/security-center-enable-auditing-on-sql-databases |
| Recommended Action | Ensure that auditing is enabled for each SQL database. |
- Log into the Microsoft Azure Management Console.
- Select the "Search resources, services, and docs" option at the top and search for SQL databases.
- On the "SQL database" page, select the SQL database that needs to be examine.
- On the selected "SQL database" page, scroll down the left navigation panel and select "Auditing" under the "Security."
- On the "Auditing configuration page", verify the "Auditing" staus. If it's set to "OFF" then "SQL database Auditing" is not enabled for the selected "SQL database."
- Repeat steps number 2 - 5 to verify other "SQL databases" in the account.
- Navigate to "SQL databases", on the "SQL database" page select the "SQL database", scroll down the left navigation panel and choose "Auditing" under the "Security."
- On the "Auditing configuration page", click on the "ON" option next to "Auditing" and select the "Audit log destination" from the "Storage /Log Analytics/ Event Hub" as per the availability.
- Click on the "Save" button at the top to make the changes.
- Repeat steps number 7 - 9 to ensure that auditing is enabled for each SQL database.
