Set-AzureSqlServerAuditingPolicy
Set-AzureSqlServerAuditingPolicy
Changes the auditing policy of an Azure SQL server.
Syntax
Parameter Set: Default
Set-AzureSqlServerAuditingPolicy [-ResourceGroupName] <String> -ServerName <String> [-EventType {PlainSQL_Success | PlainSQL_Failure | ParameterizedSQL_Success | ParameterizedSQL_Failure | StoredProcedure_Success | StoredProcedure_Failure | Login_Success | Login_Failure | TransactionManagement_Success | TransactionManagement_Failure | All | None}[] ] [-PassThru] [-Profile <AzureProfile> ] [-RetentionInDays <UInt32]> ] [-StorageAccountName <String> ] [-StorageKeyType <String> {Primary | Secondary} ] [-TableIdentifier <String> ] [ <CommonParameters>]
Detailed Description
The Set-AzureSqlServerAuditingPolicy cmdlet changes the auditing policy of an Azure SQL server. Specify the ResourceGroupName and ServerName parameters to identify the server, the StorageAccountName parameter to specify the storage account to be used for the audit logs, and the EventType parameter to define which event types to audit. After you run this cmdlet, auditing of the databases that use the policy of this server is enabled. If the cmdlet succeeds, and you specify the PassThru parameter, the cmdlet returns an object that describes the current auditing policy, and the server’s identifiers. Server identifiers include, but are not limited to, ResourceGroupName and ServerName.
Parameters
-EventType<String[]>
Specifies the event types to audit. Valid values are:
-- PlainSQL_Success
-- PlainSQL_Failure
-- ParameterizedSQL_Success
-- ParameterizedSQL_Failure
-- StoredProcedure_Success
-- StoredProcedure_Failure
-- Login_Success
-- Login_Failure
-- TransactionManagement_Success
-- TransactionManagement_Failure
-- All
-- None
You can specify several event types. You can specify All to audit all of the event types or None to specify that no events will be audited. If you specify All or None at the same time, the cmdlet fails.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-PassThru
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Profile<AzureProfile>
Specifies the Azure profile from which this cmdlet reads. If you do not specify a profile, this cmdlet reads from the local default profile.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-ResourceGroupName<String>
Specifies the name of the resource group that contains the database.
Aliases |
none |
Required? |
true |
Position? |
1 |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-RetentionInDays<UInt32]>
Specifies the number of retention days for the audit logs table. A value of zero (0) means that the table is not retained. The default value is zero. If you specify a value greater than zero, you must specify a value for the TableIdentifer parameter.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-ServerName<String>
Specifies the name of the server that contains the database.
Aliases |
none |
Required? |
true |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-StorageAccountName<String>
Specifies the name of the storage account to be used when auditing the database. Wildcard characters are not permitted. If you do not specify this parameter, the cmdlet uses the storage account that was defined previously as part of the auditing policy of the database. If this is the first time a database auditing policy is defined and you do not specify this parameter, the cmdlet fails.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-StorageKeyType<String>
Specifies which of the storage access keys to use. Valid values are:
-- Primary
-- Secondary
The default value is Primary.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
-TableIdentifier<String>
Specifies the name of the audit logs table. Specify this value if you specify a value greater than zero for the RetentionInDays parameter.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true(ByPropertyName) |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
Outputs
The output type is the type of the objects that the cmdlet emits.
Notes
- This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see about_CommonParameters.
Examples
Example 1: Set the auditing policy of an Azure SQL server
This command sets the auditing policy of the server named Server02 to use storage account named Storage22.
PS C:\> Set-AzureSqlServerAuditingPolicy -ResourceGroupName "ResourceGroup11" -ServerName "Server02" –StorageAccountName "Storage22"
Example 2: Set the storage account key of an already existing auditing policy of an Azure SQL server
This command sets the auditing policy of the server named Server02 to use the secondary key. The command does not modify the storage account name.
PS C:\> Set-AzureSqlServerAuditingPolicy -ResourceGroupName "ResourceGroup11" -ServerName "Server02" –StorageAccountKey Secondary
Example 3: Set the auditing policy of an Azure SQL server to use a specific event type
This command sets the auditing policy of the server named Server02 to use the Login_Failure event type. This command does not modify any other setting.
PS C:\> Set-AzureSqlServerAuditingPolicy -ResourceGroupName "ResourceGroup11" -ServerName "Server02" –EventType Login_Failure