V-276297
Microsoft Azure SQL Managed Instance Security Technical Implementation Guide
Title
Azure SQL Managed Instance must have an audit defined to track Microsoft Support Operations.
Description
Azure SQL Managed Instance auditing capability is critical for accurate forensic analysis. Reconstruction of harmful events or forensic analysis is not possible if audit records do not contain enough information. To support analysis, some types of events require information to be logged that exceeds the basic requirements of event type, time stamps, location, source, outcome, and user identity. If additional information is not available, it could negatively impact forensic invest...
Fix Text (Documentation Requirement)
Create a new SQL Server Audit with the Microsoft support operations option enabled. Adjust the following T-SQL query for the environment and execute:

    CREATE SERVER AUDIT [<Enter Name of Audit>]
    TO URL ( PATH = N'<URL for Blob Container>' )
    WITH ( OPERATOR_AUDIT = ON )
    GO

    ALTER SERVER AUDIT [<Enter Name of Audit>] WITH (STATE = ON)
    GO

Alternatively, when using SQL Server Management Studio to create an audit, ensure the Microsoft support operations checkbox is selected.
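
To confirm the fix took effect, the following query lists every server audit with its operator-audit and run state. It is an added example, not the STIG's own check text. It reads the sys.server_audits catalog view, and the pass condition (at least one started audit with OPERATOR_AUDIT = ON) is an assumption derived from the fix text above.

```sql
-- Added verification example; not part of the STIG text.
-- Per-audit view: which audits capture Microsoft support operations,
-- and whether each one is actually started.
SELECT
    a.name,
    a.type_desc,            -- audit target type
    a.is_state_enabled,     -- 1 = audit is started (STATE = ON)
    a.is_operator_audit,    -- 1 = created WITH (OPERATOR_AUDIT = ON)
    CASE
        WHEN a.is_operator_audit = 1 AND a.is_state_enabled = 1
            THEN 'Operator audit defined and started'
        WHEN a.is_operator_audit = 1
            THEN 'Operator audit defined but STATE = OFF'
        ELSE 'Audit does not capture support operations'
    END AS operator_audit_status
FROM sys.server_audits AS a
ORDER BY a.name;

-- Instance-level result under the assumed pass condition:
-- at least one audit has OPERATOR_AUDIT = ON and is started.
SELECT
    CASE
        WHEN EXISTS (
            SELECT 1
            FROM sys.server_audits
            WHERE is_operator_audit = 1
              AND is_state_enabled = 1
        )
            THEN 'Operator audit present and running'
        ELSE 'No running operator audit found'
    END AS instance_result;
```

An audit that shows is_operator_audit = 1 but is_state_enabled = 0 was created correctly and never started; the ALTER SERVER AUDIT ... WITH (STATE = ON) step from the fix text resolves that case.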