As organizations are constantly increasing their SQL assets on Azure and modernizing their applications, there’s an increasing need for a centralized place to monitor activities, investigate incidents, and maintain regulatory compliance at scale.
We are delighted to announce the general availability of the capability to write audit logs of Azure SQL Database, Dedicated SQL pool (formerly SQL DW) and Azure SQL Managed Instance directly to Azure Log Analytics or Azure Event Hubs. These destinations provide an easy way to centrally manage all your log data, along with a rich set of tools for consuming and analyzing database audit logs at scale.
Azure Log Analytics is an Azure resource and a container where data is collected, aggregated, and serves as an administrative boundary. It enables collecting data from a variety of sources across Azure and provides a query language and analytics engine for deep analysis and insights on the operation of applications and resources. For more information on the Log Analytics platform, see What is Azure Log Analytics.
Azure Event Hubs is a big data streaming platform and event ingestion service. It can receive and process millions of events per second. Data sent to an event hub can be transformed and stored by using any real-time analytics provider or batching/storage adapters. For more information on Azure Event Hubs, see What is Azure Event Hubs.
When configuring your Azure SQL Auditing you can now select the destination of your choice for your audit logs of your Azure SQL Server or individual databases. You can also configure multiple destinations as shown in the following screenshot.