| Plugin Title | Database Auditing Enabled |
| Cloud | AZURE |
| Category | SQL Databases |
| Description | Ensures that SQL Database Auditing is enabled |
| More Info | Enabling SQL Database Auditing ensures that all database activities are being logged properly, including potential malicious activity. |
| AZURE Link | https://docs.microsoft.com/en-us/azure/security-center/security-center-enable-auditing-on-sql-databases |
| Recommended Action | Ensure that auditing is enabled for each SQL database. |
- Log in to the Microsoft Azure Management Console.
- Select the "Search resources, services, and docs" option at the top and search for "SQL databases".
- On the "SQL database" page, select the SQL database that needs to be examined and click on its "Name" to reach its configuration page.
- On the selected "SQL database" page, scroll down the left navigation panel and select "Auditing" under "Security".
- On the "Auditing configuration page", verify the "Enable Azure SQL Auditing" staus. If it's set to "OFF" then "SQL database Auditing" is not enabled for the selected "SQL database."
- To enable Auditing for SQL database, on the "Auditing configuration page", turn the toggle status to "ON" and under "Audit log destination select from the "Storage /Log Analytics/ Event Hub" as per the availability.
- Click on the "Save" button at the top to make the necessary changes.
- Repeat steps number 3 - 7 to ensure that auditing is enabled for each SQL database.
