Who Created the Azure SQL Database?

A common but critical question I often hear from customers is: “Who created this Azure SQL Database?” Let’s walk through how to find out.

 Method 1: Using the Azure Activity Log

To test this, I created a new database via the Azure Portal. The first step is to use the Activity Log:

1. Search for the database name at the top of the Activity Log page.

1. Click on the relevant row to view the summary.
2. For more details, click on Change history.

You’ll see an entry labeled “Resource Created” with useful metadata like the timestamp, user, and other change details.

To dig deeper, click on the JSON tab. This reveals additional information, including the caller—the user who initiated the operation.

f the database was created more than a few days ago, you can:

• Click New alert rule.

• Adjust the Chart period to “Over last week”.
• Then click View events in Azure Monitor – Activity Log to return to the original view.

Note: According to Microsoft documentation, the Activity Log retains data for only 90 days.

What If the Database Was Created via SSMS or T-SQL?

Here’s another common question:
“If I create a database using SSMS or T-SQL, will it show up in the Activity Log?”

The short answer is: No.

I tested this by creating a database named test002-ssms via SSMS. When I searched for it in the Activity Log, it didn’t appear.

Best Practice: Use SQL Auditing

The most reliable method is to enable SQL Auditing. I’ve covered this in a previous post, but here’s a quick example using Log Analytics Workspace:

This query shows:

• Who created the database
• When it was created
• From which IP address
• Using which command

If the database was created recently, the Activity Log is a quick way to find the creator. But for long-term tracking and more detailed auditing, enabling SQL Auditing is the best approach.