Re: SQL Audit Logs

FabricH · ‎08-22-2025

I tried to enable logging of UPDATE-Statements for the Warehouse (SQL Audits). I don't want to include SELECT-Statements, since this would increasy the volume of actions that are logged.

Bases on the documentation it should be possible (https://learn.microsoft.com/en-us/fabric/data-warehouse/sql-audit-logs#database-level-audit-action-g...).

This doesn't work:

--- Begin ---

POST https://api.fabric.microsoft.com/v1/workspaces/<workspace_id>/warehouses/<warehouse_id>/settings/sqlAudit/setAuditActionsAndGroups
content-type: application/json

Authorization: Bearer <bearer_token_here>

[
"UPDATE"
]

--- End ---

However, it might be necessary to specify an object. I couldn't figure out how it works. Did anybody successfully achieve the above and can give me a hint?

v-nmadadi-msft

Hi @FabricH ,
Could you please confirm if the issue has been resolved after raising a support case? If a solution has been found, it would be greatly appreciated if you could share your insights with the community. This would be helpful for other members who may encounter similar issues.

Thank you for your understanding and assistance.

FabricH · ‎08-26-2025

Thanks. The response returns "enabled".

I included the empty line after the bearer token (somehow removed it in this post).

In general, it works for audit action groups.
However, I am not able to only capture UPDATE statements without capturing SELECT statements.

v-nmadadi-msft · ‎08-28-2025

Hi @FabricH ,

Can you confirm if your Warehouse is using snapshots which is also in preview, there is a limitation where SQL Audit logs is not supported in Warehouse Snapshots.

I hope this information helps. Please do let us know if you have any further queries.
Thank you

FabricH · ‎08-28-2025

@v-nmadadi-msft

No snapshots exist in the warehouse.

Maybe I need to use a different API endpoint (not specified in the documentation).
Since in the documentation, the don't call this "audit action groups", but "individual audit actions".

v-nmadadi-msft

Hi @FabricH ,
Sorry to know it didn’t help. Please consider reaching out to Microsoft Support. You can provide them with all the troubleshooting steps you've already taken, which will help them understand the issue better and provide a resolution. They might be able to identify something specific about your admin account setup or provide a solution that isn't immediately obvious.

Below is the link to create Microsoft Support ticket:
How to create a Fabric and Power BI Support ticket - Power BI | Microsoft Learn
Thank you

FabricH

thanks!

v-nmadadi-msft · ‎08-22-2025

Hi @FabricH ,
Thanks for reaching out to the Microsoft fabric community forum.

Please verify if SQL audit logs are enabled using GET request using the same REST Client extension.

The response should return ENABLED.

Also make a note In the extension example code, you must include an empty line immediately after providing the bearer token. This empty line signals the extension where the HTTP headers end and the API command body begins, allowing it to correctly distinguish between the two.

I hope this information helps. Please do let us know if you have any further queries.
Thank you

SQL Audit Logs

Helpful resources

Fabric Monthly Update - August 2025

Fabric Community Update - August 2025

Join us at FabCon Vienna from September 15-18, 2025

SQL Audit Logs

Helpful resources

Fabric Monthly Update - August 2025

Fabric Community Update - August 2025