Versions Compared

Old Version 7

changes.mady.by.user Nicolas Rios

Saved on

compared with

New Version 8

changes.mady.by.user Nicolas Rios

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Anchor
audited
audited
Audited Activities tab

The Audited Activities tab allows you to change which types of SQL Server events you want to audit. IDERA SQL Compliance Manager audits these events at the server level only.

Available fields

Audited Activity

Allows you select the type of activity you want to audit. Based on your selections, SQL Compliance Manager collects and processes the corresponding SQL Server events.

...

Via SQL Server Audit Specifications - Allows you to select SQL Server Audit Logs as your event handling system for DML and SELECT events for SQL Server 2017 and later versions. For more information about this feature, see Using SQL Server Audit Logs

Anchor
trusted
trusted
Trusted Users tab

The Trusted Users tab of the SQL Server Default Audit Settings window allows you to add Trusted Users at server level and set the default audit settings to be applied on SQL Server instances. Trusted users are SQL Server logins and members of SQL Server roles that you trust to read, update, or manage a particular audited server or databases. The SQL Compliance Manager Agent removes events generated by trusted users from the audit trail before sending the trace file to the Collection Server for processing. This exclusion occurs for all auditing, including DML and SELECT events related to sensitive columns and before and after data.

...

If you are auditing privileged user activity and the trusted user is also a privileged user, IDERA SQL Compliance Manager will continue to audit this user because of its elevated privileges. For example, a service account that is a member of the sysadmin fixed SQL Server role will continue to be audited even though the account is designated as trusted. Keep in mind that trusted users are filtered at the database level whereas privileged users are audited at the server level.
To omit, or filter, events generated by specific logins and roles from your audit data trail, click Add, and then select the SQL Server login or role you want to trust.

Available actions

Add a trusted user or role

...

Allows you to designate a previously trusted user or SQL Server role as non-trusted. When a login or role becomes non-trusted, SQL Compliance Manager begins auditing database-level activity generated by this login or role, based on your current audit settings


Anchor
privileged
privileged
Privileged User Auditing tab

The Privileged User Auditing tab of the SQL Server Default Audit Settings window allows you to add Privileged Users at server level and set the default audit settings to be applied on SQL Server instances. You can choose to audit event categories and user defined events. An event category includes related SQL Server events that occur at the server level. A user defined event is a custom event you create and track using the sp_trace_generateevent stored procedure.

...

When you update audit settings to audit privileged user activities, these changes are not applied until the SQL trace is refreshed. The SQL trace is refreshed when the SQL Compliance Manager Agent sends the trace files to the Collection Server. To ensure an immediate application of your new audit settings, click Update Audit Settings Now on the Agent menu.

Image Modified

Available actions

Add

Allows you to select one or more privileged users to audit. You can select privileged users by Server Roles or by Server Logins.

...

Allows you to remove the selected SQL Server login or fixed server role from the list of audited privileged users. When you remove the login or role, the SQL Compliance Manager Agent no longer collects events recorded for that login or the role members.

Available fields

Privileged users and roles to be audited

...

Ensure the Collection Server and the target SQL Server computers have ample resources to handle the additional data collection, storage, and processing. Because this setting can significantly increase resource requirements and negatively impact performance, choose this setting only when your compliance policies require you to audit SQL statements.

Anchor
thresholds
thresholds
Auditing Thresholds tab

The Auditing Thresholds tab of the SQL Server Default Audit Settings window allows you to set auditing thresholds to identify unusual activity on SQL Server instances. IDERA SQL Compliance Manager reports threshold violations through the Activity Report Cards on the Summary tabs.

Use auditing thresholds to display critical issues or warnings when a particular activity, such as privileged user events, is higher than expected. These thresholds can notify you about issues related to increased activity levels, such as a security breach, that may be occurring on this instance. Auditing thresholds can also inform you when an audited SQL Server instance is becoming non-compliant. Use thresholds to supplement the alert rules you have configured for your environment.

Image Modified

Available fields

Warning

Allows you to specify the number of events you expect to occur in a given event category for the selected time period. When the warning threshold is exceeded, this violation indicates an unusually high number of events. A warning threshold violation can lead to a non-compliant database or SQL Server instance.

...

Allows you to enable (select) or disable (clear) auditing thresholds for a particular event category.

Anchor
advanced
advanced
Advanced tab

The Advanced tab of the SQL Server Default Audit Settings window allows you to configure the following settings:

  • Control the default permission settings on the databases that contain audit data for this SQL Server instance.
  • Indicate whether collected SQL statements should be truncated if they pass the specified character limit. This option is only available if you are auditing SQL statements executed at the server level on this instance.

Image Modified

Available fields

Default Database Permissions

...

Allows you to specify whether you want to truncate collected SQL statements associated with audited events. You can set the character limit for collected SQL statements. By default, this limit is 512 characters. The Collection Server truncates SQL statements that are longer than the specified character limit.



Scroll pdf ignore
SQL Compliance Manager monitor, audit and alert on SQL user activity and data changes.
Newtabfooter
aliasIDERA
urlhttp://www.idera.com
 | 
Newtabfooter
aliasProducts
urlhttps://www.idera.com/productssolutions/sqlserver
 
Newtabfooter
aliasPurchase
urlhttps://www.idera.com/buynow/onlinestore
 | 
Newtabfooter
aliasSupport
urlhttps://idera.secure.force.com/
 | 
Newtabfooter
aliasCommunity
urlhttp://community.idera.com
 | 
Newtabfooter
aliasResources
urlhttp://www.idera.com/resourcecentral
 | 
Newtabfooter
aliasAbout Us
urlhttp://www.idera.com/about/aboutus
 
Newtabfooter
aliasLegal
urlhttps://www.idera.com/legal/termsofuse

Scroll Pagebreak