last sync: 2025-Mar-14 18:30:15 UTC

Configure the Microsoft Defender for SQL Log Analytics workspace

Azure BuiltIn Policy definition

Source Azure Portal
Display name Configure the Microsoft Defender for SQL Log Analytics workspace
Id 242300d6-1bfc-4d64-8d01-cee583709ebd
Version 1.5.0
Details on versioning
Versioning Versions supported for Versioning: 6
1.1.1-preview
1.1.2
1.2.0
1.3.0
1.4.0
1.5.0
Built-in Versioning [Preview]
Category Security Center
Microsoft Learn
Description Microsoft Defender for SQL collects events from the agent and uses them to provide security alerts and tailored hardening tasks (recommendations). Create a resource group and Log Analytics workspace in the same region as the machine.
Cloud environments AzureCloud = true
AzureUSGovernment = true
AzureChinaCloud = unknown
Available in AzUSGov The Policy is available in AzureUSGovernment cloud. Version: '1.5.0'
Repository: Azure-Policy 242300d6-1bfc-4d64-8d01-cee583709ebd
Mode Indexed
Type BuiltIn
Preview False
Deprecated False
Effect Default
DeployIfNotExists
Allowed
DeployIfNotExists, Disabled
RBAC role(s)
Role Name Role Id
Contributor b24988ac-6180-42a0-ab88-20f7382dd24c
Rule aliases IF (3)
Alias Namespace ResourceType Path PathIsDefault DefaultPath Modifiable
Microsoft.HybridCompute/machines/mssqlDiscovered Microsoft.HybridCompute machines properties.mssqlDiscovered True False
Microsoft.HybridCompute/machines/osName Microsoft.HybridCompute machines properties.osName True False
Microsoft.SqlVirtualMachine/sqlVirtualMachines/osType Microsoft.SqlVirtualMachine SqlVirtualMachines properties.osType True False
Rule resource types IF (2)
Microsoft.HybridCompute/machines
Microsoft.SqlVirtualMachine/SqlVirtualMachines
THEN-Deployment (3)
Microsoft.OperationalInsights/workspaces
Microsoft.Resources/deployments
Microsoft.Resources/resourceGroups
Compliance
The following 1 compliance controls are associated with this Policy definition 'Configure the Microsoft Defender for SQL Log Analytics workspace' (242300d6-1bfc-4d64-8d01-cee583709ebd)
Control Domain Control Name MetadataId Category Title Owner Requirements Description Info Policy#
op.exp.6 Protection against harmful code op.exp.6 Protection against harmful code 404 not found n/a n/a 61
Initiatives usage
Initiative DisplayName Initiative Id Initiative Category State Type polSet in AzUSGov
Configure SQL VMs and Arc-enabled SQL Servers to install Microsoft Defender for SQL and AMA with a LA workspace d7c3ea3a-edf3-4bd5-bd64-d5b635b05393 Security Center GA BuiltIn true
Spain ENS 175daf90-21e1-4fec-b745-7b4c909aa94c Regulatory Compliance GA BuiltIn unknown
History
Date/Time (UTC ymd) (i) Change type Change detail
2025-01-21 19:02:36 change Minor (1.4.0 > 1.5.0)
2024-09-10 17:48:30 change Minor (1.3.0 > 1.4.0)
2024-04-22 16:32:55 change Minor (1.2.0 > 1.3.0)
2024-01-12 18:35:06 change Minor (1.1.2 > 1.2.0)
2023-11-17 19:29:28 change Patch, old suffix: preview (1.1.1-preview > 1.1.2)
2023-10-31 19:02:40 change Minor, suffix remains equal (1.0.1-preview > 1.1.1-preview)
2023-09-11 17:59:12 change Patch, suffix remains equal (1.0.0-preview > 1.0.1-preview)
2023-08-22 17:59:24 add 242300d6-1bfc-4d64-8d01-cee583709ebd
JSON compare
compare mode: version left: version right:
JSON
api-version=2021-06-01
EPAC