You can specify which SQL events you want to audit at the database level. SQL Compliance Manager applies these settings to the audited database on the registered SQL Server instance.
You can configure database audit settings when you add a new database or later as your auditing needs change. For more information about individual SQL events, see Microsoft SQL Server Books Online.
SQL CM audits the following SQL events at the database level.
Event class | SQL Server version | Description |
---|---|---|
Audit Add DB User | SQL Server 2000 only | Records when a database user is added or dropped from the audited database. In SQL Server 2005 and later, this event class is Audit Database Principal Management |
Audit Add Member to DB Role | SQL Server 2000 and later | Records when users are added to or removed from a database role |
Audit Add Role | SQL Server 2000 only | Records when a database role is added to or removed from the audited database. In SQL Server 2005 and later, this event class is Audit Database Principal Management |
Audit App Role Change Password | SQL Server 2000 and later | Records all application password changes |
Audit Backup/Restore | SQL Server 2000 and later | Records BACKUP and RESTORE operations, including backups and restores performed through SQLsafe |
Audit DBCC | SQL Server 2000 and later | Records all DBCC commands executed on the audited database |
Audit Database Object Access | SQL Server 2005 and later | Records when an operation, login, or application accesses a database object |
Audit Database Object GDR | SQL Server 2005 and later | Records all GRANT, REVOKE, or DENY actions on permissions for executing T-SQL statements on the audited database object |
Audit Database Object Management | SQL Server 2005 and later | Records all DROP, ALTER, and CREATE operations on database objects |
Audit Database Object Take Ownership | SQL Server 2005 and later | Records when ownership of an audited database object changes |
Audit Database Operation | SQL Server 2005 and later | Records all operations executed on an audited database |
Audit Database Principal Management | SQL Server 2005 and later | Records all DROP, ALTER, and CREATE operations on database principals |
Audit Database Scope GDR | SQL Server 2005 and later | Records all GRANT, REVOKE, or DENY actions on permissions for executing T-SQL statements on the audited database |
Audit Object Derived Permission | SQL Server 2000 only | Records ALTER, CREATE, and DROP commands executed on a database object, such as CREATE TABLE or ALTER TABLE |
Audit Object GDR | SQL Server 2000 only | Records all GRANT, REVOKE, or DENY actions on user permissions for a database object |
Audit Object Permission | SQL Server 2000 only | Records whether a user is authorized to execute the following commands on a database object:
|
Audit Schema Object Access | SQL Server 2005 and later | Records whether a user is authorized to execute the following commands on a schema object:
|
Audit Schema Object GDR | SQL Server 2005 and later | Records all GRANT, REVOKE, or DENY actions on user permissions for a schema object |
Audit Schema Object Management | SQL Server 2005 and later | Records ALTER, CREATE, and DROP commands executed on a server object |
Audit Schema Object Take Ownership | SQL Server 2005 and later | Records when the ALTER AUTHORIZATION statement is used to change ownership of a schema object |
Audit Statement GDR | SQL Server 2000 only | Records all GRANT, REVOKE, or DENY actions on permissions for executing T-SQL statements on the audited database |
Audit Statement Permission | SQL Server 2000 only | Records when a user is authorized to execute a T-SQL statement on the audited database |
SQL Transaction | SQL Server 2000 and later | Records the status of explicit and implicit DML transactions executed in T-SQL scripts, including:
|