I am excited to announce the release of our latest audit logging agent over at LOGbinder.com...
Introducing LOGbinder SQL
Our LOGbinder SQL agent enriches SQL Server’s cryptic and generic audit messages to produce easy-to-understand audit log events. Similar to LOGbinder SP, these events can be output to the Security log a custom Windows event log, where any log management or SIEM solution can collect, alert, report, and analyze.
SQL Server Audit Log Processing
SQL Server 2008 introduced a totally new audit logging facility which is critical to enterprises storing sensitive information and/or processing important transactions in today’s demanding compliance environment.
SQL Server Audit is flexible in terms of audit policy and comprehensive in relation to the breadth and depth of objects and actions that can be audited. However, the audit data generated by SQL Server needs additional refinement and processing before it can be relied upon as a usable audit trail and managed by your existing log management/SIEM solution.
Refines the cryptic SQL audit log
The audit records generated by SQL Server audit are cryptic and difficult to understand. Basically, one log record format is used for documenting everything from an insertion on a table to a modification of a stored procedure. And while SQL Server can write events to the security log, it uses the same event ID for all events, and the IDs and keywords are not resolved. Thus, it requires in-depth knowledge of the SQL audit model in order to decipher events.
Frees SQL audit logs from their proprietary format
The preferred and highest performance option for audit log output results in a proprietary file format that cannot be parsed by log management/SIEM solutions using typical text log file-based parsing engines.
Our new LOGbinder SQL agent processes the proprietary formatted SQL Server audit log and enriches SQL Server’s cryptic and generic audit messages to produce an easy-to-understand audit log event which then outputs to the Windows event log, where any log management or SIEM solution can collect, alert, report, and analyze.
Enriches SQL audit logs without impacting SQL Server performance
LOGbinder SQL can be installed either on the SQL server itself or, to eliminate any impact on business database functions, you can deploy a separate server with the LOGbinder SQL agent, processing audit logs from multiple SQL Servers via share folders.
Connects SQL Audit to Your SIEM
LOGbinder SQL fills a critical gap between enterprise database servers and audit log management solutions, allowing you to obtain a clearly-written and easy-to-understand audit log that is accessible to your existing log management solution. Similar to our efforts with LOGbinder SP, we will be working with log management and SIEM solution providers to build recommended alerts and reports into their systems for SQL server audit logs processed by LOGbinder SQL.
Download LOGbinder SQL Now! Click here.
Or if you want further information on this new solution, please contact sales .