Is it possible to dissolve Kaizala group without losing jobs from management portal. Because we need job done or undone history for our reports. I try to delete a test group from admin portal so i delete every message and jobs which created in group meeting.
Thanks...
It is not possible to dissolve Kaizala groups without losing the group content/data, including Jobs, survey and other Actions
Related
I have some Azure SQL Database environments where the Activity Directory admin is set to an AAD group.
I need to set up auditing on Azure SQL Database environments so that all activity from the members of that group users is captured. I've got the basic Azure SQL Auditing set up and working but it generates way too much logging.
I think I need to use the PowerShell command Set-AzSqlServerAudit to filter it with the PredicateExpression option, but I cannot find any query that will filter for members of that group. Any similar approach would be acceptable (e.g. checking for any elevated permissions, whether in that group or not) as long as it includes that group.
Is it possible?
I found that I can use the following PredicateExpression to audit any admin activity on the database:
-PredicateExpression "[database_principal_name]= 'dbo'
I used the audit log definition at https://learn.microsoft.com/en-us/azure/azure-sql/database/audit-log-format?view=azuresql to see the list of available fields.
Our backend service runs BigQuery jobs using it's own account. And as an administrator I would like to see those jobs in the Web UI. Is there some permissions I can set or query parameters I can use to do this?
You need to first setup Audit Logs.
Once you have it in a table (maybe next day) you can write a query to list all jobs
a simple query is:
SELECT
protopayload_auditlog.authenticationInfo.principalEmail,
protopayload_auditlog.methodName,
protopayload_auditlog.servicedata_v1_bigquery.jobInsertRequest.resource.jobConfiguration.query.query,
protopayload_auditlog.servicedata_v1_bigquery.jobInsertResponse.resource.jobName.jobId,
protopayload_auditlog.servicedata_v1_bigquery.jobInsertResponse.resource.jobStatistics.createTime
FROM [wr_auditlogs.cloudaudit_googleapis_com_data_access_20171208]
where protopayload_auditlog.serviceName='bigquery.googleapis.com'
which will list these things
email who executed (user,service account)
method name eg (jobservice.insert)
query string if this was a query job (there are extract and cancel jobs as well)
the jobID
the created time
You can setup this or more advanced query as a view, and you can query this view periodically. You can retrieve also via API, see that discussed here logging all BigQuery queries
It is now possible to view jobs and queries from other users in the web UI. You need bigquery.jobs.list permission for this.
To list queries, in the UI, go to "Query History", and be sure to check "show queries for all users". You are then able to filter the queries on the user you are looking for.
To list jobs, in the UI, go to "Job History". You are then able to filter the queries on the user you are looking for.
You need the permission bigquery.jobs.listAll
You can find this permission in some of the predefined roles.
I am trying to synchronise databases in two different subscriptions using Azure datasync on the new portal
https://learn.microsoft.com/en-us/azure/sql-database/sql-database-get-started-sql-data-sync
On the portal, I do not get the ability to choose subscription or connection string to connect to a Azure database on a different subscription (this is not on premise)
The options presented are either
a) Database from existing subscription + database server
b) on-premise database- with a sync agent to be downloaded
Can linking to another database via connection string be implemented via API's or is there any restriction or feature limitation around this?
Based on your comment, your issue is due to you having different logins for each subscription. In order to achieve what you want to do, you will need to cross add the various users to the subscriptions.
First, log into your Azure portal. Navigate to the subscription you are the admin for. Click on Access control (IAM) to manage the permissions for it.
Click the Add button which will bring up a dialog to add permissions. Simply select the role you wish to grant (I believe you will need contributor for this) and enter the email address of the user that you want to grant permissions to.
When running a report on the Tableau Cloud against BigQuery, there is no Query History.
Even when I refresh the datasource with a new day of data, and I see that the report now shows the new date, there is no Query History. I need to see the History to calculate costs and to understand what Tableau is doing behind the scenes.
Make sure to use same user for tableau and for retrieving query history
There is a flag administrators can use on the jobs API to retrieve jobs for all users in the project they administer. See the allUsers flag described at:
https://cloud.google.com/bigquery/docs/reference/v2/jobs/list
This functionality is not available in the UI but you can use the command line tool (bq) to retrieve jobs across users. It has a flag that enables this option.
We have an employee that recently left the company, and I have a bunch of SSRS reports that she has access to. Is there a way to remove her from all of the reports at once, or do I have to go one by one?
You can delete the user from the reportserver database.
Then, the user can no longer be verified, and a login becomes impossible.
PS: Backup the ReportServer database first, just in case...
DELETE FROM [ReportServer].[dbo].[PolicyUserRole]
WHERE UserID IN
(
SELECT UserID FROM Users WHERE UserName ='blabla'
)
DELETE FROM Users WHERE UserName ='blabla'
Presumably the reports security are based on Active Directory?
If she no longer has access to your network then she would not be able to access the reports.
If you have granted AD groups access rather than individual AD logins you could request that she is removed from each AD Group she is within, otherwise you will have to remove her individually from each report.
On a side note, if her AD account has been deleted then she will not be able to access the reports anyway, even if she could access the network?