Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

...

When you update audit settings to audit privileged user activities, these changes are not applied until the SQL trace is refreshed. The SQL trace is refreshed when the SQLcompliance Agent sends the trace files to the Collection Server. To ensure an immediate application of your new audit settings, click Update Audit Settings Now on the Agent menu.

SQL Server Extended Events support

Beginning with IDERA SQL Compliance Manager 5.4, SQL trace is deprecated as the product moves toward using SQL Server Extended Events. SQL Server Extended Events is an event handling system that offers lower overhead and delivers performance gains over the default SQL trace method. In SQL Compliance Manager 5.4, only SELECT and DML events for SQL Server 2012 and later versions are supported by this feature. All functionality that works on top of these events, such as DML/Select filtering, Before-After data, sensitive column auditing, and more, work with this new method of capturing event data.

There are two ways to enable Extended Event capture:

using the using stored procedures

Users wanting to take advantage of SQL Server Extended Events auditing capabilities can do so on the Privileged User auditing tab of the registered SQL Server Properties window by selecting Capture DML and Select activities using SQL Extended Events in the Audited Activity area.

Available actions

Add

Allows you to select one or more privileged users to audit. You can select privileged users by login name or by membership to a fixed server role.

...

Allows you to specify which activities (events) you want to audit for the selected privileged users. Select Audit all activities done by privileged users to include everything or select Audit selected activities done by privileged users followed by additional preferences for selective auditing. Available options include:

Logins
Failed logins
Security changes
Administrative actions
Database definition (DDL)
Database modification (DML)
Database SELECT operations
User defined events
Filter events based on access check.

Capture DML and Select activities using SQL Extended Events (available for only SQL Server 2012 and later versions)

Allows you to specify whether you want to use Microsoft SQL Server Extended Events to collect SQL statements associated with audited database modification (DML) and Select activities. To capture these statements, you must also enable DML or Select auditing.

SQL Server Extended Events is a general event handling system that provides an alternate means to gather audit event data. Extended Events provide improved performance and a lower-overhead alternate to SQL trace (default method) when collecting DML of Select events.

Ensure the Collection Server and the target SQL Server computers have ample resources to handle the additional data collection, storage, and processing. Because this setting can significantly increase resource requirements and negatively impact performance, choose this setting only when your compliance policies require you to audit SQL statements.

Capture SQL statements for DML and SELECT activityactivities

Allows you to specify whether you want to collect SQL statements associated with audited database modification (DML) and SELECT Select activities. To capture these statements, you must also enable DML or SELECT auditingSelect auditing.

...

SQL Compliance Manager audits all activity on your server. Learn more > >

Capture SQL statements for DDL activities

IDERA Website

...

Content

Space Tools

Versions Compared

Old Version 6

New Version 7

Key

SQL Server Extended Events support

Available actions

SQL Compliance Manager audits all activity on your server. Learn more > >