az synapse sql pool audit-policy
Manage a SQL pool's auditing policy.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az synapse sql pool audit-policy show |
Get a SQL pool's auditing policy. |
Core | GA |
| az synapse sql pool audit-policy update |
Update a SQL pool's auditing policy. |
Core | GA |
az synapse sql pool audit-policy show
Get a SQL pool's auditing policy.
az synapse sql pool audit-policy show [--ids]
[--name]
[--resource-group]
[--subscription]
[--workspace-name]Examples
Get a SQL pool's auditing policy.
az synapse sql pool audit-policy show --name sqlpool --workspace-name testsynapseworkspace --resource-group rgOptional Parameters
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
The SQL pool name.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
The workspace name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
az synapse sql pool audit-policy update
Update a SQL pool's auditing policy.
If the policy is being enabled, --storage-account or both --storage-endpoint and --storage-key must be specified.
az synapse sql pool audit-policy update [--actions]
[--add]
[--blob-storage-target-state {Disabled, Enabled}]
[--eh]
[--ehari]
[--ehts {Disabled, Enabled}]
[--enable-azure-monitor {false, true}]
[--force-string]
[--ids]
[--lats {Disabled, Enabled}]
[--lawri]
[--name]
[--remove]
[--resource-group]
[--retention-days]
[--set]
[--state {Disabled, Enabled}]
[--storage-account]
[--storage-endpoint]
[--storage-key]
[--storage-subscription]
[--subscription]
[--use-secondary-key {false, true}]
[--workspace-name]Examples
Enable by storage account name.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --state Enabled --blob-storage-target-state Enabled --storage-account mystorageEnable by storage endpoint and key.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --state Enabled --blob-storage-target-state Enabled \
--storage-endpoint https://mystorage.blob.core.windows.net --storage-key MYKEY==Set the list of audit actions.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --actions SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP 'UPDATE on database::mydb by public'Disable an auditing policy.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --state DisabledDisable a blob storage auditing policy.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --blob-storage-target-state DisabledEnable a log analytics auditing policy.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --state Enabled --log-analytics-target-state Enabled \
--log-analytics-workspace-resource-id myworkspaceresourceidDisable a log analytics auditing policy.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --log-analytics-target-state DisabledEnable an event hub auditing policy.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --state Enabled --event-hub-target-state Enabled \
--event-hub-authorization-rule-id eventhubauthorizationruleid --event-hub eventhubnameEnable an event hub auditing policy for default event hub.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --state Enabled --event-hub-target-state Enabled \
--event-hub-authorization-rule-id eventhubauthorizationruleidDisable an event hub auditing policy.
az synapse sql pool audit-policy update --name sqlpool --workspace-name testsynapseworkspace \
--resource-group rg --event-hub-target-state DisabledOptional Parameters
List of actions and action groups to audit.
Add an object to a list of objects by specifying a path and key value pairs. Example: --add property.listProperty <key=value, string or JSON string>.
Indicate whether blob storage is a destination for audit records.
The name of the event hub. If none is specified when providing event_hub_authorization_rule_id, the default event hub will be selected.
The resource Id for the event hub authorization rule.
Indicate whether event hub is a destination for audit records.
Whether enabling azure monitor target or not.
When using 'set' or 'add', preserve string literals instead of attempting to convert to JSON.
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
Indicate whether log analytics is a destination for audit records.
The workspace ID (resource ID of a Log Analytics workspace) for a Log Analytics workspace to which you would like to send Audit Logs.
The SQL pool name.
Remove a property or an element from a list. Example: --remove property.list <indexToRemove> OR --remove propertyToRemove.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The number of days to retain audit logs.
Update an object by specifying a property path and value to set. Example: --set property1.property2=<value>.
Auditing policy state.
Name of the storage account.
The storage account endpoint.
Access key for the storage account.
The subscription id of storage account.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Indicates whether using the secondary storeage key or not.
The workspace name.
Global Parameters
Increase logging verbosity to show all debug logs.
Show this help message and exit.
Only show errors, suppressing warnings.
Output format.
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
Feedback
Kommer snart: I hele 2024 udfaser vi GitHub-problemer som feedbackmekanisme for indhold og erstatter det med et nyt feedbacksystem. Du kan få flere oplysninger under: https://aka.ms/ContentUserFeedback.
Indsend og få vist feedback om