DataSunrise Database Activity Monitoring for Databricks SQL

DataSunrise’s Databricks SQL Activity Monitoring solution provides complete visibility into user activity and changes applied to the platform. Monitoring Databricks helps detect potentially unsafe operations and reveal and investigate cybercrimes if they occur. The solution alerts database administrators in real time when suspicious activity is detected. DataSunrise is easy to deploy and has minimal impact on database throughput.

Our solution is designed to monitor Databricks activity. Thanks to continuous monitoring and real-time alerts, we build a comprehensive approach to database security. DataSunrise accurately captures user patterns and stores information, including details about performed actions, who and when accessed the database, and executed queries.

Databricks Activity Monitoring solution by DataSunrise ensures complete visibility into database activity and provides a full picture of actions in Databricks and the data within it.

Tracking and logging events performed on the database enables the detection of different types of hacking activity such as brute force, SQL injections, and others. The possibility of setting up audit rules enables sending real-time notifications via SMTP or SNMP every time a rule is triggered.

Our tool also collects information required for compliance purposes (by PCI DSS, SOX, HIPAA, and other regulations). Logs cannot be changed or tampered with, and they are automatically sent to an external application, such as SIEM. The data imported contains the following information:

• code of queries and responses
• session data on Databricks users
• information about applications used to query the database
• IP addresses, host names, configuration changes such as rule updates, database errors, authorization attempts, etc.