STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Microsoft Azure SQL Database Security Technical Implementation Guide

V-255344

CAT II (Medium)

Azure SQL Database must provide a warning to appropriate support staff when allocated audit record storage volume reaches 75 percent of maximum audit record storage capacity.

Rule ID

SV-255344r961398_rule

STIG

Microsoft Azure SQL Database Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-001855

Discussion

Auditing for Azure SQL Database tracks database events and writes them to an audit log in the Azure storage account, Log Analytics workspace, or Event Hubs. Under normal conditions, the audit space allocated by an Azure Storage account can grow quite large. Since a requirement exists to halt processing upon audit failure, a service outage would result.

Check Content

Azure SQL Database must provide notice upon audit storage reaching capacity.

Verify if an Azure Rule exists with the following command example:

$storageAcct = Get-AzStorageAccount -ResourceGroupName "Name of RG for Audit Storage" -Name "Audit Storage Account Name"
$metric = Get-AzMetricAlertRuleV2 | Where-Object TargetResourceId -eq $storageAcct.Id
$metric.Criteria

If no alert exists, this is a finding.

If the criteria does not match 75 percent or less than the maximum capacity of 5 TiB, this is a finding.

Fix Text

Utilize Alerts in Microsoft Azure Monitoring and/or third-party tools to configure the system to notify appropriate support staff immediately upon storage volume utilization reaching 75 percent.

https://docs.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-overview