< Back
Set-AzureRmSqlServerThreatDetectionPolicy
Post
NAME Set-AzureRmSqlServerThreatDetectionPolicy
SYNOPSIS
Sets a threat detection policy on a server.
SYNTAX
Set-AzureRmSqlServerThreatDetectionPolicy [-ResourceGroupName] <String> [-DefaultProfile <IAzureContextContainer>] [-EmailAdmins <Boolean>]
[-ExcludedDetectionType {Sql_Injection | Sql_Injection_Vulnerability | Access_Anomaly | None}] [-NotificationRecipientsEmails <String>]
[-PassThru] [-RetentionInDays <UInt32>] -ServerName <String> [-StorageAccountName <String>] [-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Set-AzureRmSqlServerThreatDetectionPolicy cmdlet sets a threat detection policy on an Azure SQL server. In order to enable threat detection on
a server an auditing policy must be enabled on that server. To use this cmdlet, specify the ResourceGroupName and ServerName parameters to
identify the server.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-EmailAdmins <Boolean>
Specifies whether the threat detection policy contacts administrators by using email.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ExcludedDetectionType <DetectionType[]>
Specifies an array of detection types to exclude from the policy. The acceptable values for this parameter are:
- Sql_Injection
- Sql_Injection_Vulnerability
- Access_Anomaly
- None
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-NotificationRecipientsEmails <String>
Specifies a semicolon-separated list of email addresses to which the policy sends alerts.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-PassThru [<SwitchParameter>]
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-ResourceGroupName <String>
Specifies the name of the resource group to which the server belongs.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-RetentionInDays <UInt32>
The number of retention days for the audit logs
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ServerName <String>
Specifies the name of the server.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-StorageAccountName <String>
Specifies the name of the storage account to be used. Wildcards are not permitted. This parameter is not required. When this parameter is not
provided, the cmdlet will use the storage account that was defined previously as part of the threat detection policy of the database. If this
is the first time a database theat detection policy is defined and this parameter is not provided, the cmdlet will fail.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
You cannot pipe input to this cmdlet.
OUTPUTS
Microsoft.Azure.Commands.Sql.ThreatDetection.Model.ServerThreatDetectionPolicyModel
This cmdlet returns a ServerThreatDetectionPolicyModel object.
NOTES
Example 1: Set the threat detection policy for a database
PS C:\\>Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName "ResourceGroup11" -ServerName "Server01" -NotificationRecipientsEmails
"admin01@contoso.com;secadmin@contoso.com" -EmailAdmins $False -ExcludedDetectionType "Sql_Injection_Vulnerability","SQL_Injection"
-StorageAccountName "mystorageAccount"
This command sets the threat detection policy for a server named Server01.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... tionpolicy
Get-AzureRmSqlServerThreatDetectionPolicy
Remove-AzureRmSqlServerThreatDetectionPolicy
SQL Database Documentation https://docs.microsoft.com/azure/sql-database/
SYNOPSIS
Sets a threat detection policy on a server.
SYNTAX
Set-AzureRmSqlServerThreatDetectionPolicy [-ResourceGroupName] <String> [-DefaultProfile <IAzureContextContainer>] [-EmailAdmins <Boolean>]
[-ExcludedDetectionType {Sql_Injection | Sql_Injection_Vulnerability | Access_Anomaly | None}] [-NotificationRecipientsEmails <String>]
[-PassThru] [-RetentionInDays <UInt32>] -ServerName <String> [-StorageAccountName <String>] [-Confirm] [-WhatIf] [<CommonParameters>]
DESCRIPTION
The Set-AzureRmSqlServerThreatDetectionPolicy cmdlet sets a threat detection policy on an Azure SQL server. In order to enable threat detection on
a server an auditing policy must be enabled on that server. To use this cmdlet, specify the ResourceGroupName and ServerName parameters to
identify the server.
PARAMETERS
-DefaultProfile <IAzureContextContainer>
The credentials, account, tenant, and subscription used for communication with azure
Required? false
Position? named
Default value None
Accept pipeline input? False
Accept wildcard characters? false
-EmailAdmins <Boolean>
Specifies whether the threat detection policy contacts administrators by using email.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ExcludedDetectionType <DetectionType[]>
Specifies an array of detection types to exclude from the policy. The acceptable values for this parameter are:
- Sql_Injection
- Sql_Injection_Vulnerability
- Access_Anomaly
- None
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-NotificationRecipientsEmails <String>
Specifies a semicolon-separated list of email addresses to which the policy sends alerts.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-PassThru [<SwitchParameter>]
Returns an object representing the item with which you are working. By default, this cmdlet does not generate any output.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-ResourceGroupName <String>
Specifies the name of the resource group to which the server belongs.
Required? true
Position? 0
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-RetentionInDays <UInt32>
The number of retention days for the audit logs
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-ServerName <String>
Specifies the name of the server.
Required? true
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-StorageAccountName <String>
Specifies the name of the storage account to be used. Wildcards are not permitted. This parameter is not required. When this parameter is not
provided, the cmdlet will use the storage account that was defined previously as part of the threat detection policy of the database. If this
is the first time a database theat detection policy is defined and this parameter is not provided, the cmdlet will fail.
Required? false
Position? named
Default value None
Accept pipeline input? True (ByPropertyName)
Accept wildcard characters? false
-Confirm [<SwitchParameter>]
Prompts you for confirmation before running the cmdlet.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
-WhatIf [<SwitchParameter>]
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? false
Position? named
Default value False
Accept pipeline input? False
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
You cannot pipe input to this cmdlet.
OUTPUTS
Microsoft.Azure.Commands.Sql.ThreatDetection.Model.ServerThreatDetectionPolicyModel
This cmdlet returns a ServerThreatDetectionPolicyModel object.
NOTES
Example 1: Set the threat detection policy for a database
PS C:\\>Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName "ResourceGroup11" -ServerName "Server01" -NotificationRecipientsEmails
"admin01@contoso.com;secadmin@contoso.com" -EmailAdmins $False -ExcludedDetectionType "Sql_Injection_Vulnerability","SQL_Injection"
-StorageAccountName "mystorageAccount"
This command sets the threat detection policy for a server named Server01.
RELATED LINKS
Online Version: https://docs.microsoft.com/en-us/powers ... tionpolicy
Get-AzureRmSqlServerThreatDetectionPolicy
Remove-AzureRmSqlServerThreatDetectionPolicy
SQL Database Documentation https://docs.microsoft.com/azure/sql-database/