Related: SQLCM-4573, 4592 Select on sensitive columns not captured for trusted user
Steps to reproduce:
1. Open Audited database properties and add trusted user
2. In Audited activities tab, select all activities
3. In sensitive Columns tab, add tables for sensitive column access
4. Update audit settings
5. Login SQL server with the trusted user account
6. Run select queries on sensitive column tables
7. Collect audit data
8. Observe the select events are not captured
Note - Same behavior is noticed when extended events are enabled
The SQL Column Search Settings window allows you to select the table columns you want SQL Compliance Manager to audit for sensitive column access using SELECT events. This information is important to track whether a third-party application or database user reads data in a specific table column. Enable this feature on a database to review the SELECT events in the Audit Events view. Note that this feature can improve the performance of your Collection Server and Management Console. You can audit sensitive columns on specific tables without enabling SELECT statement auditing at the database level. Sensitive column auditing is not available until you deploy an agent to audit the server and a heartbeat is received. Available actions Add Allows you to select one or more database tables to audit for sensitive columns. Remove Allows you to remove the selected database table from the list of audited tables.
...