Page History

IDERA SQL Compliance Manager audits each registered SQL Server instance and the associated databases according to the audit settings you configure. Your audit settings should directly correlate with the SQL events you need to track in order to meet your compliance objectives. For example, you can register a SQL Server instance for auditing but not audit the hosted databases. Likewise, you can audit a single database on a registered SQL Server instance that hosts multiple databases.

...

If you are subject to comply with regulations such as PCI DSS or HIPAA, you can use SQL CM Compliance Manager to configure your audit settings according to the specific guidelines of the regulation. SQL CM Compliance Manager then collects event data based on these guidelines and can provide a report that details the section of the regulation and the data collected using SQL CMCompliance Manager. You can apply the regulation guideline audit settings to one or more databases on a registered SQL Server instance.

...

SQL Compliance Manager collects all events in the SQL trace that are related to the activity you want to audit. When choosing the activities you want to audit, be aware that activities performed through the SQL Server client tools, such as Management Studio, may log multiple events. For example, when you add a login to a role, the SQL trace records one event for the add login action and another event for changing the default language. In this case, SQL CM SQL Compliance Manager collects each event as separate audit data according to the SQL trace.

...

Trusted users are SQL Server logins and members of SQL Server roles that you trust to read, update, or manage a particular audited database. As these users are trusted, the events generated by accounts are removed by the SQL CM Compliance Manager Agent from the audit trail before sending the trace file to the Collection Server for processing.

...

If you are auditing privileged user activity and the trusted user is also a privileged user, SQL CM Compliance Manager will continue to audit this user because of its elevated privileges. For example, a service account that is a member of the sysadmin fixed SQL Server role will continue to be audited even though the account is designated as trusted. Keep in mind that trusted users are filtered at the database level whereas privileged users are audited at the server level.

...

...