Auditing forAzure Synapse Analytics and Azure SQL Database first tracks database events and then writes these events to an audit log under your Log Analytics workspace, Azure storage account, or Event Hubs.
Which of the following statements are true about Auditing and Audit logs? (Select two options)
Click on the arrows to vote for the correct answer
A. B. C. D. E.Correct Answers: A and D
Audit logs are written to Append Blobs in Blob storage on your Azure subscription.
In Azure AD Authentication, the failed login records won't appear in SQL audit logs.
The format of Audit logs is .xel and can be viewed using SQL Server Management Studio.
Auditing on Read-Only Replicas is enabled automatically.
Option A is correct.
Audit logs are written to Append Blobs in Blob storage on your Azure subscription.
Option B is incorrect.
In Azure AD Authentication, the failed login records won't appear in SQL audit logs.
If you want to see the failed login audit records, go to the Azure Active Directory portal, which logs the specifics of these events.
Option C is incorrect.
Audit logs are in .xel format.
Option D is correct.
Audit logs can be opened using SSMS.
Option E is incorrect.
Auditing on Read-Only Replicas is enabled automatically.
To know more about Auditing, please visit the below-given link:
The two true statements about Auditing and Audit logs for Azure Synapse Analytics and Azure SQL Database are:
B. While using Azure AD Authentication, even the failed logins records appear in the SQL audit log. D. You can use SQL Server Management Studio (SSMS) to open the audit logs.
Here's a detailed explanation of each statement and why it's true:
A. Audit logs are written to Append Blobs in Blob storage on your Azure subscription - This statement is false. While Azure does offer Blob storage as a destination for audit logs, it is not the only option. Audit logs can also be written to Log Analytics workspaces or Event Hubs. Additionally, it is worth noting that Azure Synapse Analytics does not currently support writing audit logs to Blob storage.
B. While using Azure AD Authentication, even the failed logins records appear in the SQL audit log. - This statement is true. Azure Active Directory (AD) authentication can be used to authenticate users and applications to Azure SQL Database and Azure Synapse Analytics. When using Azure AD authentication, all successful and failed logins are recorded in the SQL audit log. This is important for security and compliance purposes, as it allows you to track who has accessed your data and when.
C. The format for Audit logs is .xml. - This statement is false. The format for audit logs in Azure Synapse Analytics and Azure SQL Database is actually JSON. JSON is a lightweight data interchange format that is easy for machines to read and write, and it is commonly used in cloud applications.
D. You can use SQL Server Management Studio (SSMS) to open the audit logs. - This statement is true. SQL Server Management Studio (SSMS) is a popular tool for managing and administering SQL Server databases, and it can also be used to view and query SQL audit logs in Azure Synapse Analytics and Azure SQL Database. SSMS provides a familiar interface for working with audit logs, making it easier for database administrators and security teams to analyze and monitor activity in their databases.
E. If you want auditing on read-only replicas, you need to manually configure it. - This statement is true. In Azure SQL Database, auditing is not enabled by default on read-only replicas. If you want to audit activity on these replicas, you need to manually configure auditing on each replica. This is important if you have compliance requirements that mandate auditing on all database activity, regardless of whether it occurs on a read-write or read-only replica.