I have
Azure Synapse Workspace on which I have Synapse Administrator access
Through Azure portal - I have configured he Log Analytics and running below KQL statement to find the list of queries executed along with data processed in MBs and user-id/identity of the SQL
I am not able to find the identity here - Is there a setting to fetch it ?
Below is the KQL statement
SynapseBuiltinSqlPoolRequestsEnded
| where TimeGenerated > ago(24h)
| evaluate bag_unpack(Properties)
| project startTime,endTime,error,Identity,queryText, command,dataProcessedBytes/1024/1024
Let me know, if this is a limitation at this moment or am I missing anything here ?
Thanks,
Aravind
Yes, there is a limitation for this.
Log analytics does not capture any PII(Personally identifiable information) for data compliance.
Check the Identity column in SynapseBuiltinSqlPoolRequestsEnded. It has the login name of the user running the query.
Related
I'm looking for a way to list out who logged in to a SQL MI instance.
I have configured log analytics to receive all logs and metrics but see no login information in the logs. Looks like there is a flag in Azure SQL but this does not apply to SQL MI, this
is where i found the flag.
Is there a way to enable this type of log collection in SQLMI so this information is sent to Log Analytics?
Can I get this info right from SQLMI? perhaps a system table?
Thanks for any help you may provide.
Looks like in addition to setting up LogAnalytics, an Audit job needs to be created within the DB in Master. Here is a link to the MSFT article.
I use Azure datalake gen 2, I transform data with databricks and I have delta tables which are sent in Power BI. But the clients have to be allowed to request in sql my tables.
What is the best practice ? Is it possible with databricks or have I to use something else ?
Thank you in advance for helping me !!
With premium workspace, you could let Users Credentials pass through to storage account form within Azure Databricks.
Go to Compute --> Cluster --> Advanced options, you'll see a check box Enable credential passthrough for user-level data access (refer screenshot)
I need to retrieve executed sql queries by using log analytics.
I have the log analytics workspace and also configured diagnostic settings (SQL managed instance and database).
But there is no data when I try to execute the following kusto query:
AzureDiagnostics | where Category == "QueryStoreRuntimeStatistics"
Should I set up something more to see this data? (enable Query Store - Write and Read - directly on the SQL Server Database ?)
In the AzureDiagnostic table I have only UsageStats and Erros.
We can check for SQL diagnostics information with help of log analytics workspace, below are few steps which we need to follow:
Need to create a log analytics work space.
Add few configurations to SQL such as enabling audit mode and select Log Analytics workspace.
Enable diagnostics to Log Analytics.
Select the check box for send data to log analytics.
We can understand more about this from one of the Microsoft blogs.
We have configured our synapse to send data to log analytics workspace .. one table got truncated from my synapse so i want to find out who has done that operation .. i tried with "synapsesqlpoolexecrequests" but not getting results .
So can anybody help me with query to write in log analytics for above requirement ..
I'm guessing this is a cross-post from Microsoft Q&A: https://learn.microsoft.com/en-us/answers/questions/385289/how-to-check-logs-in-synapse.html
All details about who ran a query are available in the monitoring tab in the Synapse workspace:
I'm trying to find a way from within Azure SQL to either 1) enumerate members of an Azure Active Directory security group or 2) check if a user login is a member of an SG. I've found various articles about doing it from a domain joined standalone SQL installation but not from Azure SQL. Most of the samples for the standalone installation use system sprocs like xp_cmdshell which don't exist in Azure SQL. I know I can create an Azure Function or Logic App to sync users to a table but I'd like to avoid using an external process to do this if possible.
#Kalyan Chanumolu-MSFT's comment should be very helpful to you. This scenario is not supported today.
You can try to use his suggestion.
You will have to talk to Microsoft Graph API from an intermediate like an Azure function to relay the data to Azure SQL Database.
You also can raise a support ticket to confirm it and also can put forward your suggestions in the feedback.