Versions Compared

Old Version 4

changes.mady.by.user Nadja Pollard

Saved on

compared with

New Version 5

changes.mady.by.user Nadja Pollard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The Sensitive Column Search window allows you to search all of the tables and columns on a targeted database to discover the location of sensitive data that needs to be audited. You can access this window from the Instance Details view by selecting Sensitive Column Search from the drop-down list available in the Audited Databases section.

Image Added

Performing a search

To search for Sensitive Columns within one or more databases:

  1. Select the target database name from the available list. To search all databases, leave the list at the default Select a database option.
  2. If you selected a specific database, select a target table name. Note that you cannot select a table if you did not select a target database.
  3. Select a search profile, and then continue with the next step. If no profiles are configured or if you want to edit an existing profile, click Configure Search. SQL Compliance Manager displays the SQL Column Search Settings window for you to configure a search profile. Use the following subset of steps to configure a search profile.
    Image Added
    1. In the SQL Column Search Settings window, select one or more search strings you want to include in the search profile. Click Select All to include all of the available search strings in this profile.
    2. If the search string you want to use does not exist and you want to create a new search string, click New. This option allows you to select a category, type a name for the search string, and then include the string definition. Click Save to retain the search string you just created.
    3. Once you select all of the search string you want in the profile, click Save Profile. The profile is now available for you to select on the Sensitive Column Search window.
  4. Click Perform Search to execute the search on the selected database(s) and table(s) based on the selected Active Search Profile. IDERA SQL Compliance Manager runs the Sensitive Column search and displays the results.
  5. Click Export Report to export the results in .csv format. This function allows you to save the data in a format that is compatible with the Import Sensitive Columns feature.

Related: SQLCM-4573, 4592 Select on sensitive columns not captured for trusted user

Steps to reproduce:

1. Open Audited database properties and add trusted user

2. In Audited activities tab, select all activities

3. In sensitive Columns tab, add tables for sensitive column access

4. Update audit settings

5. Login SQL server with the trusted user account

6. Run select queries on sensitive column tables

7. Collect audit data

8. Observe the select events are not captured

Note - Same behavior is noticed when extended events are enabled

 

The SQL Column Search Settings window allows you to select the table columns you want SQL Compliance Manager to audit for sensitive column access using SELECT events. This information is important to track whether a third-party application or database user reads data in a specific table column. Enable this feature on a database to review the SELECT events in the Audit Events view. Note that this feature can improve the performance of your Collection Server and Management Console. You can audit sensitive columns on specific tables without enabling SELECT statement auditing at the database level. Sensitive column auditing is not available until you deploy an agent to audit the server and a heartbeat is received. Available actions Add Allows you to select one or more database tables to audit for sensitive columns. Remove Allows you to remove the selected database table from the list of audited tables.
Image Removed

...

...


Excerpt
SQL Compliance Manager audits all activity on your server. Learn more > >
IDERA WebsiteProductsPurchaseSupportCommunityAbout UsResources Legal

...