Page History
Trusted users are SQL Server logins and members of SQL Server roles that you trust to read, update, or manage a particular audited database or an entire serverserver´s databases. The SQL Compliance Manager Agent removes events generated by trusted users from the audit trail before sending the trace file to the Collection Server for processing. This exclusion occurs for all auditing, including DML and SELECT events related to sensitive columns and before and after data.
By designating trusted users at server level, you can more efficiently audit servers and databases used by third-party applications, such as SAP, that are self-auditing. Self-auditing applications are able to audit activity and transactions initiated by their service accounts. Because service accounts can generate a significant number of login and database change events, omitting these expected events from your audit data trail lets you more easily identify unexpected activity.
...
| Info |
|---|
When you want to specify multiple accounts as trusted users, consider creating a Windows group that contains only those users. This approach allows you to better manage your trusted users and ensures you do not accidentally trust additional accounts due to unexpected group membership (such as through nested groups). Creating a unique group for trusted users prevents unintended omissions in your audit data. |
Available actions
Add a trusted user or role
...