SQL Server auditing retention should be greater than 90 days


Audit Logs can be used to check for anomalies and give insight into suspected breaches or misuse of information and access.

Azure Portal

  • Navigate to SQL Servers.

  • Select the SQL server.

  • In the left navigation in the Security section, select Auditing.

  • Select Storage Details and set Retention (days) greater than 90 days.

  • Click OK > Save.


  • To enable retention for a SQL Server:

set-AzureRmSqlServerAuditing -ResourceGroupName <resource group name> -ServerName <server name> -RetentionInDays <Number of Days to retain the audit logs, should be 90 days minimum>


Example Configuration

resource "azurerm_sql_server" "example" {
  extended_auditing_policy {
      retention_in_days    = 90
  # other required fields here