SQL Server Audit Action Group: APPLICATION_ROLE_CHANGE_PASSWORD_GROUP

Available in		New to:
Database Audit Specification	Server Audit Specification	2012	2016
• (SQL 2012)	•

This group tracks both successful and failed attempts to change the password of application roles.

Application roles are a database principle used to grant a given application-specific access to the database. Although called roles they have no members; they're really closer to a type of user. To track other changes to application roles such as creation and deletion see DATABASE_PRINCIPAL_CHANGE_GROUP.

If you enable this group on a given database you will audit password change attempts on all application roles on just that database; if you enable this group at the server level you'll track password change attempts on all application roles in all databases on the server.

LOGbinder for SQL Server events generated under this Audit Action Group:

Event ID	Description
24014	Change application role password succeeded
24015	Change application role password failed

Upcoming Webinars

Anatomy of a Cloud Hack: The Cloudflare/Okta Compromise – A Story of Tokens, Lateral Movement, Persistence and the Salvation of Zero Trust and Hard MFA Tokens

Additional Resources

Audit Policy

•	Server Audit Specification
•	Database Audit Specification
•	Audit Action Groups
•	Audit Actions
•	Audit Policy Wizard

User name:
Password:
	/ Forgot?
	Register

April 2024 Patch Tuesday	"Patch Tuesday - One Zero Day and Record Number of Patches! " - sponsored by LOGbinder

Follow @randyfsmith

About | Newsletter | Contact

Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2024 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.