Page History
The Privileged User Auditing tab of the Registered SQL Server Audited Database Properties window allows you to change the audit settings currently applied to privileged users on this SQL Server instance. You can choose to audit event categories and user defined events. An event category includes related SQL Server events that occur at the server level. A user defined event is a custom event you create and track using the sp_trace_generateevent stored procedure.For example, you for the selected Database. You can audit individual SQL Server logins with privileged access , as well as logins that belong to specific fixed server roles, all activities, or specific activities.
To successfully configure privileged user audit settings, the Management Console must have trusted access to the physical computer hosting the target SQL Server instance.
When you update audit settings to audit privileged user activities, these changes are not applied until the SQL trace is refreshed. The SQL trace is refreshed when the SQL Compliance Manager Agent sends the trace files to the Collection Server. To ensure an immediate application of your new audit settings, click Update Audit Settings Now on the Agent menu.
Available actions
Add
Allows you to select one or more privileged users to audit. You can select privileged users by login name or by membership to a fixed server role.
...
Allows you to remove the selected SQL Server login or fixed server role from the list of audited privileged users. When you remove the login or role, the SQL Compliance Manager Agent no longer collects events recorded for that login or the role members.
| Note | ||
|---|---|---|
| ||
Privileged Users selected at Server-level auditing are pre-selected and disabled for selection. These Privileged Users can be removed only at Server-level Privileged Users auditing. |
Available fields
Server-Level Privileged Users
Lists the audited privileged users configured at Server-level. These users can only be edited at Server-level Privileged Users.
Privileged users and roles to be audited
...
Allows you to specify which activities (events) you want to audit for the selected privileged users. Select Audit all activities done by privileged users to include everything or select Audit selected activities done by privileged users followed by additional preferences for selective auditing. Available options include:
- Logins
- Logouts
- Failed logins
- Security changes
- Administrative actions
- Database definition (DDL)
- Database modification (DML)
- Database SELECT operations
- User-defined events
- Filter events based on the access check
| Note | ||
|---|---|---|
| ||
Audited activities configured at Database-level auditing are automatically pre-selected and disabled for selection for Privileged Users added at Database level auditing. Users must edit changes at the Database level Auditing Activities tab to disable these settings. |
Capture SQL statements for DML and SELECT activity
...
The Add Users window is accessed by clicking Add on on the Privileged User Auditing tab while viewing Registered SQL Server Properties. Use this window to include selected login accounts and roles as privileged. Added logins/roles may be removed by selecting the item in the Privileged User Auditing tab , and then click clicking Remove.
| Scroll pdf ignore |
|---|
SQL Compliance Manager audits all activity on your server. Learn more > > IDERA Website | Products | Buy | Support | Community | About Us | Resources | Legal |
...