Description
Set audit_log_enabled to include CONNECTION on MySQL flexible servers.
Rationale
Enabling CONNECTION helps MySQL Database to log items such as successful and failed connection attempts to the server. Log data can be used to identify, troubleshoot, and repair configuration errors and suboptimal performance.
Impact
Storing these logs incurs additional cost. For high-traffic databases the log volume will be significant. Determine your organization's needs before enabling.
Audit
From Azure Portal
- From Azure Home select the Portal Menu.
- Go to Azure Database for MySQL flexible servers.
- For each database, under Settings, click Server parameters.
- In the filter bar, type audit_log.
- Ensure that the VALUE for audit_log_enabled is ON.
- Ensure that the VALUE for audit_log_events includes CONNECTION.
From Azure CLI
Ensure the below command returns a value that includes CONNECTION:
az mysql flexible-server parameter show --resource-group <resourceGroup> --server-name <serverName> --name audit_log_events
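The script below is an added example, not part of the original benchmark text: it runs the CLI check above for one server and also reads audit_log_enabled, as the portal steps do. The function names are hypothetical, and treating "includes CONNECTION" as an exact match on one comma-separated token is an assumption.

```shell
#!/usr/bin/env bash
# Added example (not from the benchmark): evaluate both audit parameters.

# Return 0 if the comma-separated events value contains the CONNECTION token.
# Assumption: exact token match, case-insensitive, whitespace ignored.
events_include_connection() {
  local events
  events=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]' | tr -d '[:space:]')
  case ",${events}," in
    *,CONNECTION,*) return 0 ;;
    *) return 1 ;;
  esac
}

# Print PASS or FAIL for a pair of parameter values; return 0 only on PASS.
evaluate_audit_settings() {
  local enabled events
  enabled=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]' | tr -d '[:space:]')
  events=$2
  if [ "$enabled" != "ON" ]; then
    echo "FAIL: audit_log_enabled is '$1', expected ON"
    return 1
  fi
  if ! events_include_connection "$events"; then
    echo "FAIL: audit_log_events '${events}' does not include CONNECTION"
    return 1
  fi
  echo "PASS: audit_log_enabled=ON, audit_log_events=${events}"
}

# Fetch both values with the Azure CLI and evaluate them.
# Returns 2 if a CLI call fails (for example, no login or wrong server name).
audit_server() {
  local rg=$1 server=$2 enabled events
  enabled=$(az mysql flexible-server parameter show --resource-group "$rg" \
    --server-name "$server" --name audit_log_enabled --query value -o tsv) || return 2
  events=$(az mysql flexible-server parameter show --resource-group "$rg" \
    --server-name "$server" --name audit_log_events --query value -o tsv) || return 2
  evaluate_audit_settings "$enabled" "$events"
}

# Usage: ./check_audit.sh <resourceGroup> <serverName>
if [ "$#" -eq 2 ]; then audit_server "$1" "$2"; fi
```

The exit status (0 pass, 1 fail, 2 CLI error) lets the script be looped over a server list or used as a gate in a scheduled compliance job.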
From PowerShell
Ensure the below command returns a value that includes CONNECTION:
Get-AzMySqlFlexibleServerConfiguration -ResourceGroupName <resourceGroup> -ServerName <serverName> -Name audit_log_events
Default Value
By default audit_log_events is set to CONNECTION.
References
- https://learn.microsoft.com/en-us/azure/mysql/flexible-server/concepts-audit-logs
- https://learn.microsoft.com/en-us/security/benchmark/azure/mcsb-logging-threat-detection#lt-3-enable-logging-for-security-investigation
- https://learn.microsoft.com/en-us/azure/mysql/flexible-server/tutorial-configure-audit
- https://learn.microsoft.com/en-us/azure/mysql/flexible-server/tutorial-configure-audit#configure-auditing-by-using-the-azure-cli