The Sensitive Columns tab of the Audited Database Properties window allows you to choose the table columns for which you want to audit SELECT events. This data tells you which third-party application or database user accessed and read the specified columns.
Audit access to sensitive columns when it is critical to capture whether someone read the data in a specific table column. When this feature is enabled, you can review the SELECT events in the Audit Events view. Enabling this feature can impact your Collection Server and Management Console performance. You can audit sensitive columns on specific tables without enabling SELECT statement auditing at the database level.
IDERA SQL Compliance Manager does not capture sensitive column data for trusted user accounts. For more information about trusted users, see Audited Database Properties window - Trusted Users tab.
To successfully audit specific columns on a table, ensure the table name does not contain the following special characters: \ / : * ? "
Sensitive Column auditing is supported by SQLcompliance Agent 3.5 or later. To use this feature, please ensure you upgrade your agent to at least version 3.5.
Specify tables for before and after data collection
Use Add and Remove to specify the tables for which you want to access to specific sensitive columns.
Specify which columns to audit
Use Edit to specify which columns you want to audit. You can audit all columns or individual columns.
Provides the name of the table you are auditing on this database.
Indicates the status of the columns associated with the audited tables. Typically, this field will display All Columns or list the individual columns that are audited for SELECT events.
Set up auditing sensitive columns
Sensitive column auditing occurs independently from your other database-level audit settings.
To set up auditing sensitive columns:
- On the Sensitive Columns tab, click Add to choose which audited tables should also be audited at the column level when a user attempts to access this column.
- Choose the appropriate tables, and then click OK. By default, all columns are audited.
- If you want to audit specific columns , select the table, and then click Edit.