You can specify which SQL events you want to audit at the database level. SQL Compliance Manager applies these settings to the audited database on the registered SQL Server instance.

You can configure database audit settings when you add a new database or later as your auditing needs change. For more information about individual SQL events, see Microsoft SQL Server Books Online.

SQL CM audits the following SQL events at the database level.

Event classSQL Server versionDescription
Audit Add DB UserSQL Server 2000 onlyRecords when a database user is added or dropped from the audited database. In SQL Server 2005 and later, this event class is Audit Database Principal Management
Audit Add Member to DB RoleSQL Server 2000 and laterRecords when users are added to or removed from a database role
Audit Add RoleSQL Server 2000 onlyRecords when a database role is added to or removed from the audited database. In SQL Server 2005 and later, this event class is Audit Database Principal Management
Audit App Role Change PasswordSQL Server 2000 and laterRecords all application password changes
Audit Backup/RestoreSQL Server 2000 and laterRecords BACKUP and RESTORE operations, including backups and restores performed through SQLsafe
Audit DBCCSQL Server 2000 and laterRecords all DBCC commands executed on the audited database
Audit Database Object AccessSQL Server 2005 and laterRecords when an operation, login, or application accesses a database object

Audit Database Object GDR

SQL Server 2005 and later

Records all GRANT, REVOKE, or DENY actions on permissions for executing T-SQL statements on the audited database object

Audit Database Object Management

SQL Server 2005 and later

Records all DROP, ALTER, and CREATE operations on database objects
In SQL Server 2000, this event class is Audit Object Derived Permission

Audit Database Object Take Ownership

SQL Server 2005 and later

Records when ownership of an audited database object changes

Audit Database Operation

SQL Server 2005 and later

Records all operations executed on an audited database

Audit Database Principal Management

SQL Server 2005 and later

Records all DROP, ALTER, and CREATE operations on database principals

Audit Database Scope GDR

SQL Server 2005 and later

Records all GRANT, REVOKE, or DENY actions on permissions for executing T-SQL statements on the audited database
In SQL Server 2000, this event class is Audit Statement GDR

Audit Object Derived Permission

SQL Server 2000 only

Records ALTER, CREATE, and DROP commands executed on a database object, such as CREATE TABLE or ALTER TABLE
In SQL Server 2005 and later, this event class is Audit Database Object Management and Audit Schema Object Management

Audit Object GDR

SQL Server 2000 only

Records all GRANT, REVOKE, or DENY actions on user permissions for a database object
In SQL Server 2005 and later, this event class is Audit Schema Object GDR

Audit Object Permission

SQL Server 2000 only

Records whether a user is authorized to execute the following commands on a database object:

  • SELECT ALL
  • UPDATE ALL
  • REFERENCE ALL
  • INSERT
  • DELETE
  • EXECUTE (stored procedures only)
    In SQL Server 2005 and later, this event class is Audit Schema Object Access

Audit Schema Object Access

SQL Server 2005 and later

Records whether a user is authorized to execute the following commands on a schema object:

  • SELECT ALL
  • UPDATE ALL
  • REFERENCE ALL
  • INSERT
  • DELETE
  • EXECUTE (stored procedures only)
    In SQL Server 2000, this event class is Audit Object Permission

Audit Schema Object GDR

SQL Server 2005 and later

Records all GRANT, REVOKE, or DENY actions on user permissions for a schema object
In SQL Server 2000, this event class is Audit Object GDR

Audit Schema Object Management

SQL Server 2005 and later

Records ALTER, CREATE, and DROP commands executed on a server object
In SQL Server 2000, this event class is Audit Object Derived Permission and Audit Statement Permission

Audit Schema Object Take Ownership

SQL Server 2005 and later

Records when the ALTER AUTHORIZATION statement is used to change ownership of a schema object

Audit Statement GDR

SQL Server 2000 only

Records all GRANT, REVOKE, or DENY actions on permissions for executing T-SQL statements on the audited database
In SQL Server 2005 and later, this event class is Audit Database Scope GDR

Audit Statement Permission

SQL Server 2000 only

Records when a user is authorized to execute a T-SQL statement on the audited database
In SQL Server 2005 and later, this event class is Audit Schema Object Management

SQL Transaction

SQL Server 2000 and later

Records the status of explicit and implicit DML transactions executed in T-SQL scripts, including:

  • Begin
  • Commit
  • Rollback
  • Savepoint

 

SQL Compliance Manager audits all activity on your server. Learn more > >
  • No labels