Forum Discussion
Azure Arc SQL Servers not generating alerts
We have had around 20 on-premise SQL Servers connected via Azure Arc for several months, but there have been no alerts generated in Defender for Cloud. If it is working as intended, I'm glad we have had no suspicious activity. But I'm also concerned something may not be configured correctly. In my experience with security products, there is typically a tuning period needed to eliminate false positives. Does anyone know if there is anything we can do on the DB to trigger an alert, just to make sure everything is working?
1 Reply
Hi, it's not necessary to get alerts if your servers are not under any attack and since recommendations and vulnerabilities are appearing, that's means your config is fine. you can simulate a bruce force attack on one of your SQL server on prem connected to DFC through Azure Arc. Follow the step 3 in the below link
Enabling Microsoft Defender for Cloud for Arc Enabled SQL Server Machines - Microsoft Community Hub
Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily.
