Audit Log Is Not Enabled for MySQL Database Server

Overview

Enabling audit_log_enabled helps MySQL Database to log items such as connection attempts to the server, DDL/DML access, and more. Log data can be used to identify, troubleshoot, and repair configuration errors and suboptimal performance.

There are further costs incurred for storage of logs. For high traffic databases these logs will be significant. Determine your organization's needs before enabling.

Vendor

Azure

Cloud Service

MySQL

CIS Azure v2.0.0 4.4.3

References

https://docs.microsoft.com/en-us/azure/mysql/single-server/how-to-configure-audit-logs-portal, https://docs.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-logging-threat-detection#lt-3-enable-logging-for-security-investigation

Severity

Item Types

Microsoft.DBforMySQL.servers.databases

Overview​

Vendor​

Cloud Service​

Related Controls​

References​

Severity​

Item Types​