Share via

Database Threat Detection Policies - Get

  • Reference
Service:
SQL Database
API Version:
2014-04-01

Gets a database's threat detection policy.

GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/securityAlertPolicies/default?api-version=2014-04-01

URI Parameters

Name In Required Type Description
databaseName
 path True

string

The name of the database for which database Threat Detection policy is defined.
resourceGroupName
 path True

string

The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
securityAlertPolicyName
 path True

SecurityAlertPolicyName

The name of the security alert policy.
serverName
 path True

string

The name of the server.
subscriptionId
 path True

string

The subscription ID that identifies an Azure subscription.
api-version
 query True

string

The API version to use for the request.

Responses

Name Type Description
200 OK

DatabaseSecurityAlertPolicy

Successfully retrieved the database Threat Detection policy.
Other Status Codes

*** Error Responses: ***

  • 500 GetDatabaseSecurityAlertPolicyFailed - Failed to get database Threat Detection security alert policies. * 500 DatabaseIsUnavailable - Your settings are currently unavailable, please try again later

Examples

Get database security alert policy

Sample request

GET https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-6852/providers/Microsoft.Sql/servers/securityalert-2080/databases/testdb/securityAlertPolicies/default?api-version=2014-04-01

Sample response

Status code:
200 
{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-6852/providers/Microsoft.Sql/servers/securityalert-2080/databases/testdb",
  "name": "default",
  "type": "Microsoft.Sql/servers/databases/securityAlertPolicies",
  "location": "Japan East",
  "kind": "V12",
  "properties": {
    "state": "Enabled",
    "emailAccountAdmins": "Enabled",
    "emailAddresses": "[email protected];[email protected]",
    "disabledAlerts": "Usage_Anomaly",
    "retentionDays": 0,
    "storageAccountAccessKey": "",
    "storageEndpoint": "",
    "useServerDefault": "Enabled"
  }
}

Definitions

Name Description
DatabaseSecurityAlertPolicy

Contains information about a database Threat Detection policy.
SecurityAlertPolicyEmailAccountAdmins

Specifies that the alert is sent to the account administrators.
SecurityAlertPolicyName

The name of the security alert policy.
SecurityAlertPolicyState

Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required.
SecurityAlertPolicyUseServerDefault

Specifies whether to use the default server policy.

DatabaseSecurityAlertPolicy

Contains information about a database Threat Detection policy.

Name Type Description
id

string

Resource ID.
kind

string

Resource kind.
location

string

The geo-location where the resource lives
name

string

Resource name.
properties.disabledAlerts

string

Specifies the semicolon-separated list of alerts that are disabled, or empty string to disable no alerts. Possible values: Sql_Injection; Sql_Injection_Vulnerability; Access_Anomaly; Data_Exfiltration; Unsafe_Action.
properties.emailAccountAdmins

SecurityAlertPolicyEmailAccountAdmins

Specifies that the alert is sent to the account administrators.
properties.emailAddresses

string

Specifies the semicolon-separated list of e-mail addresses to which the alert is sent.
properties.retentionDays

integer

Specifies the number of days to keep in the Threat Detection audit logs.
properties.state

SecurityAlertPolicyState

Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required.
properties.storageAccountAccessKey

string

Specifies the identifier key of the Threat Detection audit storage account. If state is Enabled, storageAccountAccessKey is required.
properties.storageEndpoint

string

Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. If state is Enabled, storageEndpoint is required.
properties.useServerDefault

SecurityAlertPolicyUseServerDefault

Specifies whether to use the default server policy.
type

string

Resource type.

SecurityAlertPolicyEmailAccountAdmins

Specifies that the alert is sent to the account administrators.

Name Type Description
Disabled

string

Enabled

string

SecurityAlertPolicyName

The name of the security alert policy.

Name Type Description
default

string

SecurityAlertPolicyState

Specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required.

Name Type Description
Disabled

string

Enabled

string

New

string

SecurityAlertPolicyUseServerDefault

Specifies whether to use the default server policy.

Name Type Description
Disabled

string

Enabled

string