Control: Ensure server parameter 'audit_log_enabled' is set to 'ON' for MySQL Database Server
Description
Enable audit logging on MySQL Servers.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.mysql_server_audit_logging_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.mysql_server_audit_logging_enabled --shareSQL
This control uses a named query:
select s.id as resource, case when lower(config -> 'ConfigurationProperties' ->> 'value') != 'on' then 'alarm' else 'ok' end as status, case when lower(config -> 'ConfigurationProperties' ->> 'value') != 'on' then s.name || ' server parameter audit_log_enabled off.' else s.name || ' server parameter audit_log_enabled on.' end as reason , s.resource_group as resource_group , sub.display_name as subscriptionfrom azure_mysql_server as s, jsonb_array_elements(server_configurations) config, azure_subscription subwhere config ->> 'Name' = 'audit_log_enabled' and sub.subscription_id = s.subscription_id;