You can specify which SQL events you want to audit at the server level. IDERA SQL Compliance Manager applies these settings to the registered SQL Server instance. These settings are not applied to the hosted databases.

You can configure server audit settings when you register a new SQL Server instance or later as your auditing needs change. For more information about individual SQL events, see Microsoft SQL Server Books Online.

Configurations applied at Server-level automatically apply across all databases for that server, showing items as checked and unavailable for deselection at the Database-level. 

Event classSQL Server versionDescription
Audit Add LoginSQL Server 2000 onlyRecords when a SQL Server login is added to or dropped from a registered SQL Server instance
In SQL Server 2005 and later, this event class is Audit Server Principal Management
Audit Add Login To Server RoleSQL Server 2000 and laterRecords when a login is added to or removed from a server role
Audit Change Database OwnerSQL Server 2005 and laterRecords when the ALTER AUTHORIZATION statement is used to specify a different database owner
Audit Database ManagementSQL Server 2005Records all DROP, ALTER, and CREATE operations on a database
Audit LoginSQL Server 2000 and laterRecords all successful logins on the registered SQL Server instance
Audit LogoutsSQL Server 2000 and laterRecords all logouts on the registered SQL Server instance
Audit Login Change PasswordSQL Server 2000 and laterRecords all password changes for logins on the registered SQL Server instance
Audit Login Change PropertiesSQL Server 2000 and laterRecords changes in default database and language properties for all logins on the registered SQL Server instance
Audit Login FailedSQL Server 2000 and laterRecords all logins that failed an access check on the registered SQL Server instance
Audit Login GDRSQL Server 2000 onlyRecords all GRANT, REVOKE, or DENY actions on Windows 2000 user account login rights
In SQL Server 2005 and later, this event class is Audit Server Principal Management
Audit Object Derived PermissionSQL Server 2000 onlyRecords CREATE and DROP commands executed on a server object, such as CREATE DATABASE or DROP DATABASE
In SQL Server 2005 and later, this event class is Audit Database Management
Audit Server Alter TraceSQL Server 2005 and laterRecords when an ALTER TRACE permission check is executed for a T-SQL statement that creates, configures, or filters a SQL trace
Audit Server Object GDRSQL Server 2005 and laterRecords all GRANT, REVOKE, or DENY actions on permissions for executing T-SQL statements on the audited schema object, such as a table or function
Audit Server Object ManagementSQL Server 2005 and laterRecords all DROP, ALTER, and CREATE operations on server objects
Audit Server Object Take OwnershipSQL Server 2005 and laterRecords when ownership of an audited server object changes
Audit Server OperationSQL Server 2005 and laterRecords all security operations executed on the audited server
Audit Server Principal ImpersonationSQL Server 2005 and laterRecords when impersonation is used to access or act on a server object
Audit Server Principal ManagementSQL Server 2005 and laterRecords all DROP, ALTER, and CREATE operations on server principals
Audit Server Scope GDRSQL Server 2005 and laterRecords all GRANT, REVOKE, or DENY actions on permissions for executing T-SQL statements that change the server scope, such as creating a login
Audit Statement PermissionSQL Server 2000 onlyRecords when a user is authorized to execute a T-SQL statement on the registered SQL Server instance
In SQL Server 2005 and later, this event class is Audit Database Management



IDERA |  Products | Purchase | Support |  Community |  Resources |  About Us | Legal

  • No labels