Forum Discussion
Identify TLS version of successful connection to Azure SQL Database (PaaS)
Reference:
Azure support for TLS 1.0 and TLS 1.1 will end by 31 October 2024
If I look at the metrics for "Successful Connections" and split them by TLS version for a user database, I see that 100% of the connections come with TLS version 1.2. I checked for "Failed Connections: System Errors" and "Failed Connections: User Errors"; both are zero.
For Azure SQL Database (PaaS), when I run this in the log analytics workspace, I see only the TLS columns populated for the MASTER database and not the user databases.
AzureDiagnostics
|project TimeGenerated, ResourceId, Resource, client_tls_version_d, client_tls_version_name_s
Question: Why _client_tls_version_d, client_tls_version_name_s _columns are blank for the user database?
1 Reply
Seems related to client_tls_version_d and client_tls_version_name_s columns are not populated for user databases in your Azure SQL Database (PaaS) when running queries in the log analytics workspace. This can happen due to several reasons:
- Telemetry Data Collection: The telemetry data collection for user databases might be different from the master database. Ensure that the telemetry settings are correctly configured to collect TLS version data for user databases.
- Permissions: Verify that the user account running the queries has the necessary permissions to access telemetry data for user databases. Sometimes, permissions might be restricted to the master database only.
- Configuration Settings: Check the configuration settings for your Azure SQL Database. Ensure that the settings for logging and telemetry are enabled for user databases. You can do this through the Azure portal or using Azure PowerShell/CLI.
- Diagnostic Settings: Make sure that the diagnostic settings for your Azure SQL Database are configured to include the necessary logs and metrics for user databases. This can be done in the Azure portal under the "Diagnostics settings" section.
