InstantForum.NET v2.9.0SQLServerCentralhttp://www.sqlservercentral.com/Forums/notifications@sqlservercentral.comWed, 22 May 2013 10:38:58 GMT20http://www.sqlservercentral.com/Forums/Topic775474-146-1.aspxThanks guys, this looks like good stuff!Sun, 23 Aug 2009 11:18:36 GMTRichard Siskhttp://www.sqlservercentral.com/Forums/Topic775474-146-1.aspxYou can download the guide from here also. :-)Sun, 23 Aug 2009 08:37:55 GMTSarab_SQLGeekhttp://www.sqlservercentral.com/Forums/Topic775474-146-1.aspxAll you need is C2 Administrator’s and User’s Security Guide Revision 1.1you can donwload this guide from :http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=71C146F3-9907-40CD-BABF-3506ECD33254Sun, 23 Aug 2009 08:36:36 GMTSarab_SQLGeekhttp://www.sqlservercentral.com/Forums/Topic775474-146-1.aspx- You can indeed switch your sqlserver instance to "audit login all", that will insert a row for every logon attempt in the sqlserver instance Errorlog file.Off course you'll have to secure that file at os level and take copies at frequent inverval,...- to trace what's going on you could use my little article " SQL Server and SOX" to get started. [url]http://www.sqlservercentral.com/articles/Security/3203/[/url]- Keep in mind at windows level you can also audit the (windows) logons at os-level. - you can also capture sqlserver login events yourself ( see "Scope: The drastic caveat with Logon Triggers." ! at [url]http://www.sqlservercentral.com/articles/Administration/64974/[/url] )Sun, 23 Aug 2009 08:21:30 GMTALZDBAhttp://www.sqlservercentral.com/Forums/Topic775474-146-1.aspxSure, its the log that gets the entries when someone does a login or logout of SQL Server. You can then view the logs in SQL Server Management Studio by clicking on Management/SQL Server Logs.Sun, 23 Aug 2009 07:25:33 GMTRichard Siskhttp://www.sqlservercentral.com/Forums/Topic775474-146-1.aspxCan you elaborate on the audit logs you are referring to?Sun, 23 Aug 2009 00:13:36 GMTS. Kusenhttp://www.sqlservercentral.com/Forums/Topic775474-146-1.aspxWorking on instructions for securing a SQL 2005/2008 server for credit card PCI compliance. Below are the specific requirements from the PCI spec that I am using SQL Server auditing to cover.The specific items; 10.2.3 and 10.2.6 are the requirements I am solving for. Can I audit these actions?10.2.2 All actions taken by any individual with root or administrative privileges10.2.3 Access to all audit trails10.2.4 Invalid logical access attempts10.2 5 Use of identification and authentication mechanisms10.2.6 Initialization of the audit logsThanksFri, 21 Aug 2009 16:23:39 GMTRichard Sisk