Description
Set audit_log_events to include CONNECTION on MySQL flexible servers.
Rationale
Enabling CONNECTION helps MySQL to log successful and failed connection attempts to the server. Log data can be used to identify, troubleshoot, and repair configuration errors and suboptimal performance.
Impact
There are additional costs for log storage. For high-traffic databases, these logs can be significant. Determine your organization's needs before enabling.
Audit
From Azure Portal
- From Azure Home, select the Portal Menu.
- Go to Azure Database for MySQL flexible servers.
- For each database, under Settings, click Server parameters.
- In the filter bar, type audit_log.
- Ensure that the VALUE for audit_log_enabled is ON.
- Ensure that the VALUE for audit_log_events includes CONNECTION.
From Azure CLI
Ensure the following command returns a value that includes CONNECTION:
az mysql flexible-server parameter show \
--resource-group {{resource-group-name}} \
--server-name {{server-name}} \
--name audit_log_events
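The portal steps check both audit_log_enabled and audit_log_events, while the CLI command above reads only audit_log_events. The script below is an added example, not part of the benchmark text: it applies both checks to every flexible server in the current subscription and matches CONNECTION as an exact list entry rather than as a substring. The function names and the --all switch are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the benchmark): fleet-wide form of the audit above.

# has_event LIST TOKEN: succeed only if TOKEN is an exact member of the
# comma-separated LIST, ignoring case and whitespace. A substring test would
# wrongly accept a list that only contains a longer name such as CONNECTION_V2.
has_event() {
    _list=",$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]' | tr -d '[:space:]'),"
    case "$_list" in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# evaluate ENABLED EVENTS: print PASS, or FAIL:<reason>, for one server.
# An empty value (for example after a failed lookup) fails closed.
evaluate() {
    _en=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]' | tr -d '[:space:]')
    if [ "$_en" != "ON" ]; then
        echo "FAIL:audit_log_enabled is '$1'"
    elif ! has_event "$2" CONNECTION; then
        echo "FAIL:audit_log_events lacks CONNECTION"
    else
        echo "PASS"
    fi
}

# get_param RESOURCE_GROUP SERVER NAME: print one server parameter value.
get_param() {
    az mysql flexible-server parameter show \
        --resource-group "$1" --server-name "$2" --name "$3" \
        --query value --output tsv </dev/null
}

# audit_all_servers: one result line per server; non-zero status on any FAIL.
audit_all_servers() {
    az mysql flexible-server list --query '[].[resourceGroup, name]' --output tsv | (
        rc=0
        while read -r rg server; do
            result=$(evaluate "$(get_param "$rg" "$server" audit_log_enabled)" \
                              "$(get_param "$rg" "$server" audit_log_events)")
            printf '%s/%s\t%s\n' "$rg" "$server" "$result"
            [ "$result" = "PASS" ] || rc=1
        done
        exit "$rc"
    )
}

# Only contact Azure when asked to: sh audit.sh --all
if [ "${1:-}" = "--all" ]; then audit_all_servers; fi
```

The non-zero exit status on any failing server lets the script gate a scheduled compliance job.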
From PowerShell
Ensure the following command returns a value that includes CONNECTION:
Get-AzMySqlFlexibleServerConfiguration `
-ResourceGroupName {{resource-group-name}} `
-ServerName {{server-name}} `
-Name audit_log_events
Default Value
By default, audit_log_events is set to CONNECTION.
References
- https://learn.microsoft.com/en-us/azure/mysql/flexible-server/concepts-audit-logs
- https://learn.microsoft.com/en-us/security/benchmark/azure/mcsb-logging-threat-detection#lt-3-enable-logging-for-security-investigation
- https://learn.microsoft.com/en-us/azure/mysql/flexible-server/tutorial-configure-audit
- https://learn.microsoft.com/en-us/azure/mysql/flexible-server/tutorial-configure-audit#configure-auditing-by-using-the-azure-cli