I recently began seeing failures in my SQL Error logs relating to SQL Audits. We do not utilize SQL Audits in our environment so I began investigating.
I found that an audit named SqlThreatDetection_Audit was created and enabled on all of my IAAS SQL Servers. This is not a behavior I was expecting and I am trying to find the source of this change.
Starting on 07/01/2020 was the firsts creation of the Audit that I find on my servers. It has continued until today as the most recent was added.

And here is the error that started the investigation.
My research shows this might be related to something in Azure Security Center. However, no one in our Security, Networking or Infrastructure team has enabled anything that they feel would impact or cause this Audit to be enabled.

