SQL Server Audit Log Event ID 24082

SourceSQL Server (LOGbinder SQL)
Action GroupSERVER_PRINCIPAL_CHANGE_GROUP
Windows Security Log
Category
 • Subcategory		Object Access
 • Application Generated
Type Success

24082: Issued a change server principal password expiration command (action_id PWEX)

This is an event from SQL Server audit event from LOGbinder SQL generated by Action Group  SERVER_PRINCIPAL_CHANGE_GROUP.

On this page

A command to change a server principal's password expiration setting was issued

Free Security Log Resources by Randy

Description Fields in 24082

FieldDescription
OccurredWhen event was reported by SQL Server
Authorization resultIf the command passed authorization checks
Session IDID of the session on which the event occurred
User
Server
Target object
 IDTarget object ID
 NameTarget object name
 TypeTarget object type
StatementTransact-SQL statement

Setup PowerShell Audit Log Forwarding in 4 Minutes

 

Where Does This Event Come From?

This Event Is Produced By

Which Integrates with Your SIEM

Examples of 24082

Issued a change server principal password expiration command
A command to change a server principal's password expiration setting was issued
Action Group: SERVER_PRINCIPAL_CHANGE_GROUP
Occurred: 8/22/2013 6:07:50.0000000 PM
Authorization result: Access allowed
Session ID: 67
User: LB\Administrator
Server: DEV3
Target Object
  ID: 273
  Name: TestLogin2
  Type: SQL login
Statement: ALTER LOGIN [TestLogin2] WITH CHECK_EXPIRATION=ON

For more information, see http://www.ultimatewindowssecurity.com/securitylog/encyclopedia/event.aspx?eventid=24082

Top 10 Windows Security Events to Monitor

Free Tool for Windows Event Collection

Stay up-to-date on the Latest in Cybersecurity
Sign up for the Ultimate IT Security newsletter to hear about the latest webinars, patches, CVEs, attacks, and more.
Work Email:

 

Upcoming Webinars
Additional Resources

    Go To Event ID:

    Security Log
    Quick Reference
    Chart
    Download now!