Skip to content

Instantly share code, notes, and snippets.

@terasaka

terasaka/LogAnalyticsSqlAudit

Created July 30, 2020 15:40
Show Gist options
  • Save terasaka/6510169626b862539bffdad470a4ba9a to your computer and use it in GitHub Desktop.
Save terasaka/6510169626b862539bffdad470a4ba9a to your computer and use it in GitHub Desktop.
Download ZIP
AZURE SQL - Analisar auditoria de bancos PaaS no Log Analytics
Raw
LogAnalyticsSqlAudit
// Logins com sucesso filtrando por usuario, ip e database
AzureDiagnostics
| where succeeded_s contains "true"
| project Login=database_principal_name_s, IP=client_ip_s, DB=database_name_s
| summarize count() by Login, IP, DB
| order by Login
// Falha de logins filtrando por usuario, ip e database
// Alterar dbName para o nome do db que gostaria de filtrar
AzureDiagnostics
| where Category == 'SQLSecurityAuditEvents' and LogicalServerName_s == 'dbName'
| where action_id_s == 'DBAF'
| project Login=server_principal_name_s, IP=client_ip_s, DB=database_name_s
| summarize count() by Login, IP, DB
| order by Login
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment