SQL Server Audit Logging

SQL Server 2008 introduced a totally new audit logging facility which is critical to enterprises storing sensitive information and/or processing important transactions in today’s demanding compliance environment.

SQL Server Audit allows you to track administrator, application and user level activity across all types of objects and operations. You can track

• security operations involving logins, roles and permissions
• maintenance of tables, stored procedures and any other object
• database operations like backup and restore
• Transact SQL table commands like insert, delete, update and select
• and much more

You can choose exactly what to audit by defining audit specifications at the server and database level. And you can log events to either the Windows Security Log or output higher performance binary audit logs to a shared folder on another server.

SQL Server Audit is flexible in terms of audit policy and comprehensive in relation to the breadth and depth of objects and actions that can be audited. However, the audit data generated by SQL Server needs additional refinement and processing before it can be relied upon as a usable audit trail and managed by your existing log management/SIEM solution; hence the need for LOGbinder for SQL Server.

Next:

• Audit Policy
• Audit Logs
• LOGbinder for SQL Server
• SQL Audit Policy Wizard

 

Upcoming Webinars Unpacking a Linux Supply Chain Compromise Using the Recently Published XZ Utils Backdoor as the Example Assessing the Security of Your Active Directory: User Accounts Anatomy of a Cloud Hack: The Cloudflare/Okta Compromise – A Story of Tokens, Lateral Movement, Persistence and the Salvation of Zero Trust and Hard MFA Tokens

Additional Resources

•	Audit Policy
•	Audit Logs
•	LOGbinder SQL
•	Webinars