admin管理员组文章数量:1291121
Just want to ask an expert opinion to get more information about the following Azure built-in policies if there is a similarity. Also the difference of these policies from each other.
Azure built-in policies:
- Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a user-defined LA workspace
- Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a Log Analytics workspace
- Configure the Microsoft Defender for SQL Log Analytics workspace
Is it necessary to assign or implement all these policies or one of them is enough? See the policy definitions below.
Just want to ask an expert opinion to get more information about the following Azure built-in policies if there is a similarity. Also the difference of these policies from each other.
Azure built-in policies:
- Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a user-defined LA workspace
- Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a Log Analytics workspace
- Configure the Microsoft Defender for SQL Log Analytics workspace
Is it necessary to assign or implement all these policies or one of them is enough? See the policy definitions below.
Share Improve this question edited Feb 13 at 17:41 jarlh 44.8k8 gold badges50 silver badges67 bronze badges asked Feb 13 at 16:25 RomeoRomeo 451 silver badge7 bronze badges 1- This is not related to the ANSI/ISO SQL language, so I removed the <sql> tag. I suppose you could add a tag for your dbms instead. – jarlh Commented Feb 13 at 17:43
1 Answer
Reset to default 0Azure built-in policy definitions for SQL virtual machine and Microsoft Defender
The below built-in policies you've mentioned are created to automate the deployment and configuration of Microsoft Defender for SQL on SQL Virtual Machines.
- Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a user-defined Log Analytics (LA) workspace
This policy will help you install Microsoft Defender for SQL on SQL VMs and send their diagnostic data to a user-specified Log Analytics workspace.
In this scenario, you can specify your own Log Analytics workspace, where the logs should be stored.
- Configure SQL Virtual Machines to automatically install Microsoft Defender for SQL and DCR with a Log Analytics workspace:
This policy will automate the installation of Microsoft Defender for SQL on SQL VMs and configure them to send diagnostic data to a Log Analytics workspace, which may be automatically created if not user defined LAW
Scenario: Associates the DCR with a Log Analytics workspace, which can be automatically created if not specified.
- Configure the Microsoft Defender for SQL Log Analytics workspace:
This policy specifies or configures the Log Analytics workspace that Microsoft Defender for SQL should use for storing diagnostic data.
Scenario: Sets or updates the Log Analytics workspace associated with Microsoft Defender for SQL.
Reference:List of built-in policy definitions - Azure Policy | Microsoft Learn
本文标签: Azure builtin policy definitions for SQL virtual machine and Microsoft DefenderStack Overflow
版权声明:本文标题:Azure built-in policy definitions for SQL virtual machine and Microsoft Defender - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741517541a2382984.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论