Versions Compared

Old Version 3

changes.mady.by.user Nicolas Rios

Saved on

compared with

New Version 4

changes.mady.by.user Nicolas Rios

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The Trusted Users tab of the SQL Server Default Audit Settings window allows you to add Trusted Users at server level and set the default audit settings to be applied on SQL Server instances. You can choose to audit event categories and user defined events. An event category includes related SQL Server events that occur at the server level. A user defined event is a custom event you create and track using the sp_trace_generateevent stored procedure.

Image Removed

Available actions

Add

Allows you to select one or more trusted users to audit. You can select trusted users by Server Roles or by Server Logins.

Remove

...

 Trusted users are SQL Server logins and members of SQL Server roles that you trust to read, update, or manage a particular audited server or databases. The SQL Compliance Manager Agent removes events generated by trusted users from the audit trail before sending the trace file to the Collection Server for processing. This exclusion occurs for all auditing, including DML and SELECT events related to sensitive columns and before and after data.

Image Added

When you designate trusted users, consider limiting your list to a few specific logins. This approach optimizes event processing performance and ensures you filter the intended accounts.

If you are auditing privileged user activity and the trusted user is also a privileged user, IDERA SQL Compliance Manager will continue to audit this user because of its elevated privileges. For example, a service account that is a member of the sysadmin fixed SQL Server role will continue to be audited even though the account is designated as trusted. Keep in mind that trusted users are filtered at the database level whereas privileged users are audited at the server level.
To omit, or filter, events generated by specific logins and roles from your audit data trail, click Add, and then select the SQL Server login or role you want to trust.

Available actions

Add a trusted user or role

Allows you to select which SQL Server logins or roles you want to trust on this database. When a login or role is designated as trusted, the SQL Compliance Manager Agent omits all database-level activity generated by these logins from the audit data trail.

Remove a user or role from the trusted list

Allows you to designate a previously trusted user or SQL Server role as non-trusted. When a login or role becomes non-trusted, SQL Compliance Manager begins auditing database-level activity generated by this login or role, based on your current audit settings


Anchor
privileged
privileged
Privileged User Auditing tab

...