Please enter your information to subscribe to the Microsoft Fabric Blog.

Thanks for subscribing to the Microsoft Fabric Blog. You’ll receive email notifications when we publish new posts.

Microsoft Fabric Updates Blog

  1. Updates
  2. Fabric Platform

Auditing for Fabric SQL database (Preview)

Auditing for Fabric SQL database, is a powerful feature designed to help organizations strengthen security, ensure compliance, and gain deep operational insights into their data environments.

Why Auditing Matters

Auditing is a cornerstone of data governance. With Fabric SQL Database auditing, you can now easily track and log database activities—answering critical questions like who accessed what data, when, and how. This supports compliance requirements (such as HIPAA and SOX), enables robust threat detection, and provides a foundation for forensic investigations.

Key Highlights

  • Flexible Configuration: Choose from default ‘audit everything’, preconfigured scenarios (like permission changes, login attempts, data reads/writes, schema changes), or define custom action groups and predicate filters for advanced needs.
  • Seamless Access: Audit logs are stored in OneLake, making them easily accessible via T-SQL or OneLake Explorer.
  • Role-Based Access Control: Configuration and log access are governed by both Fabric workspace roles and SQL-level permissions, ensuring only authorized users can view or manage audit data.
  • Retention Settings: Customize how long audit logs are retained to meet your organization’s policy.

How It Works

Audit logs are written to a secure, read-only folder in OneLake and can be queried using the sys.fn_get_audit_file_v2 T-SQL function. Workspace and artifact IDs are used as identifiers, ensuring logs remain consistent even if databases move across logical servers. Access controls at both the workspace and SQL database level ensure only the right people can configure or view audit logs.

select event_time,action_id ,statement ,file_name,application_name from sys.fn_get_audit_file_v2
('https://onelake.blob.fabric.microsoft.com/<<workspace id>>/<<artifact id>>
/Audit/sqldbauditlogs/',default,default,default,default)

Example Use Cases

  • Compliance Monitoring: Validate a full audit trail for regulatory requirements.
  • Security Investigations: Track specific events like permission changes or failed login attempts.
  • Operational Insights: Focus on specific operations (e.g., DML only) or test retention policies.
  • Role-Based Access: Verify audit visibility across different user roles.

Getting Started

You can configure auditing directly from the Manage SQL Auditing blade in the Fabric Portal. Choose your preferred scenario, set retention, and (optionally) define custom filters—all through a simple, intuitive interface.

 

To learn more, and guidance getting started, refer to the Auditing for Fabric SQL database documentation.

 

Related blog posts

Auditing for Fabric SQL database (Preview)

Blog's featured image

Introducing Migration assistant for SQL database in Fabric (Preview)
April 6, 2026 by Neel Ball

Modern organizations are at a crossroads. Legacy SQL Server workloads need modernization, but migration complexity often stands in the way. What if you could bring your SQL databases into a unified analytics platform—without the hassle of manual schema conversion, complex ETL pipelines, or costly re-architecture? That’s exactly what the new Migration Assistant for SQL database … Continue reading “Introducing Migration assistant for SQL database in Fabric (Preview)”

Read more
Blog's featured image

Five reasons to attend SQLBits in the UK
April 2, 2026 by Anna Hoffman

Microsoft SQL team is returning as headline sponsor of SQLBits 2026, taking place from 22–25 April at ICC Wales in Newport. I’m speaking for the whole team when I say we’d love to see you there. I’m here today to give you five reasons you should attend SQLBits. This year we’re teaming up with AMD … Continue reading “Five reasons to attend SQLBits in the UK”

Read more