Set-​Azure​Rm​Sql​Server​Threat​Detection​Policy

Sets a threat detection policy on a server.

Syntax

Set-AzureRmSqlServerThreatDetectionPolicy
   [-ResourceGroupName] <String>
   [-ServerName] <String>
   [-EmailAdmins <Boolean>]
   [-ExcludedDetectionType <DetectionType[]>]
   [-InformationAction <ActionPreference>]
   [-InformationVariable <String>]
   [-NotificationRecipientsEmails <String>]
   [-PassThru]
   [-RetentionInDays <UInt32>]
   [-StorageAccountName <String>]
   [-Confirm]
   [-WhatIf]
   [<CommonParameters>]

Description

The Set-AzureRmSqlServerThreatDetectionPolicy cmdlet sets a threat detection policy on an Azure SQL server. In order to enable threat detection on a server an auditing policy must be enabled on that server. To use this cmdlet, specify the ResourceGroupName and ServerName parameters to identify the server.

Examples

Example 1: Set the threat detection policy for a database

PS C:\>Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName "ResourceGroup11" -ServerName "Server01" -NotificationRecipientsEmails "admin01@contoso.com;secadmin@contoso.com" -EmailAdmins $False -ExcludedDetectionType "Sql_Injection_Vulnerability","SQL_Injection" -StorageAccountName "mystorageAccount"

This command sets the threat detection policy for a server named Server01.

Required Parameters

-ResourceGroupName

Specifies the name of the resource group to which the server belongs.

Type:String
Position:0
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-ServerName

Specifies the name of the server.

Type:String
Position:1
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False

Optional Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False
-EmailAdmins

Specifies whether the threat detection policy contacts administrators by using email.

Type:Boolean
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-ExcludedDetectionType

Specifies an array of detection types to exclude from the policy. The acceptable values for this parameter are:- Sql_Injection

  • Sql_Injection_Vulnerability
  • Access_Anomaly
  • Usage_Anomaly
  • None
Type:DetectionType[]
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-InformationAction

Specifies how this cmdlet responds to an information event.The acceptable values for this parameter are:- Continue

  • Ignore
  • Inquire
  • SilentlyContinue
  • Stop
  • Suspend
Type:ActionPreference
Aliases:infa
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-InformationVariable

Specifies an information variable.

Type:String
Aliases:iv
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-NotificationRecipientsEmails

Specifies a semicolon-separated list of email addresses to which the policy sends alerts.

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-PassThru

Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.

Type:SwitchParameter
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
-RetentionInDays

The number of retention days for the audit logs

Type:UInt32
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-StorageAccountName

Specifies the name of the storage account to be used. Wildcards are not permitted. This parameter is not required. When this parameter is not provided, the cmdlet will use the storage account that was defined previously as part of the threat detection policy of the database. If this is the first time a database theat detection policy is defined and this parameter is not provided, the cmdlet will fail.

Type:String
Position:Named
Default value:None
Accept pipeline input:True (ByPropertyName)
Accept wildcard characters:False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

You cannot pipe input to this cmdlet.

Outputs

Microsoft.Azure.Commands.Sql.ThreatDetection.Model.ServerThreatDetectionPolicyModel

This cmdlet returns a ServerThreatDetectionPolicyModel object.