< Back

Set-AzureRmSqlServerThreatDetectionPolicy

Tue Jan 29, 2019 10:10 pm

NAME Set-AzureRmSqlServerThreatDetectionPolicy



SYNOPSIS

Sets a threat detection policy on a server.





SYNTAX

Set-AzureRmSqlServerThreatDetectionPolicy [-ResourceGroupName] <String> [-DefaultProfile <IAzureContextContainer>] [-EmailAdmins <Boolean>]

[-ExcludedDetectionType {Sql_Injection | Sql_Injection_Vulnerability | Access_Anomaly | None}] [-NotificationRecipientsEmails <String>]

[-PassThru] [-RetentionInDays <UInt32>] -ServerName <String> [-StorageAccountName <String>] [-Confirm] [-WhatIf] [<CommonParameters>]





DESCRIPTION

The Set-AzureRmSqlServerThreatDetectionPolicy cmdlet sets a threat detection policy on an Azure SQL server. In order to enable threat detection on

a server an auditing policy must be enabled on that server. To use this cmdlet, specify the ResourceGroupName and ServerName parameters to

identify the server.





PARAMETERS

-DefaultProfile <IAzureContextContainer>

The credentials, account, tenant, and subscription used for communication with azure



Required? false

Position? named

Default value None

Accept pipeline input? False

Accept wildcard characters? false



-EmailAdmins <Boolean>

Specifies whether the threat detection policy contacts administrators by using email.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-ExcludedDetectionType <DetectionType[]>

Specifies an array of detection types to exclude from the policy. The acceptable values for this parameter are:



- Sql_Injection



- Sql_Injection_Vulnerability



- Access_Anomaly



- None



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-NotificationRecipientsEmails <String>

Specifies a semicolon-separated list of email addresses to which the policy sends alerts.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-PassThru [<SwitchParameter>]

Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.



Required? false

Position? named

Default value False

Accept pipeline input? False

Accept wildcard characters? false



-ResourceGroupName <String>

Specifies the name of the resource group to which the server belongs.



Required? true

Position? 0

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-RetentionInDays <UInt32>

The number of retention days for the audit logs



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-ServerName <String>

Specifies the name of the server.



Required? true

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-StorageAccountName <String>

Specifies the name of the storage account to be used. Wildcards are not permitted. This parameter is not required. When this parameter is not

provided, the cmdlet will use the storage account that was defined previously as part of the threat detection policy of the database. If this

is the first time a database theat detection policy is defined and this parameter is not provided, the cmdlet will fail.



Required? false

Position? named

Default value None

Accept pipeline input? True (ByPropertyName)

Accept wildcard characters? false



-Confirm [<SwitchParameter>]

Prompts you for confirmation before running the cmdlet.



Required? false

Position? named

Default value False

Accept pipeline input? False

Accept wildcard characters? false



-WhatIf [<SwitchParameter>]

Shows what would happen if the cmdlet runs. The cmdlet is not run.



Required? false

Position? named

Default value False

Accept pipeline input? False

Accept wildcard characters? false



<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,

ErrorAction, ErrorVariable, WarningAction, WarningVariable,

OutBuffer, PipelineVariable, and OutVariable. For more information, see

about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).



INPUTS



You cannot pipe input to this cmdlet.





OUTPUTS

Microsoft.Azure.Commands.Sql.ThreatDetection.Model.ServerThreatDetectionPolicyModel

This cmdlet returns a ServerThreatDetectionPolicyModel object.





NOTES









Example 1: Set the threat detection policy for a database



PS C:\\>Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName "ResourceGroup11" -ServerName "Server01" -NotificationRecipientsEmails

"admin01@contoso.com;secadmin@contoso.com" -EmailAdmins $False -ExcludedDetectionType "Sql_Injection_Vulnerability","SQL_Injection"

-StorageAccountName "mystorageAccount"



This command sets the threat detection policy for a server named Server01.







RELATED LINKS

Online Version: https://docs.microsoft.com/en-us/powers ... tionpolicy

Get-AzureRmSqlServerThreatDetectionPolicy

Remove-AzureRmSqlServerThreatDetectionPolicy

SQL Database Documentation https://docs.microsoft.com/azure/sql-database/