Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 
        
Home       Members    Calendar    Who's On


Add to briefcase

SQL Audit Help - Does SQL Audit Really Store Audit Info ON The Windows Logs Expand / Collapse
Author
Message
Posted Monday, May 06, 2013 2:00 PM


SSC Eights!

SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!

Group: General Forum Members
Last Login: Monday, March 10, 2014 1:21 PM
Points: 885, Visits: 1,526
First off I admit I am no SQL Audit guru but from what I have read so far it sounds to me like as if the SQL Audit feature in SQL 2008 R2 is more for traditional programmers then DB admins.

If I read this info on SQL Audit correctly the info captured by SQL Audit is stored ONLY in Windows Event Logs. Can anyone familiar with SQL Audit confirm this or correct the statement if its incorrect? I can’t believe that the only option for storage of audit info would be the windows log. Maybe it’s just me but this seems like a decision few if any DB Admins would make. It does however sound like something traditional programmers would lovely embrace because it lets them avoid working with SQL language and Relational DB’s.

What I’ve always done (for the handful of tables we need to audit) is to create duplicate of the table and populate it with data whenever a DML change occurs via the use of triggers. I know that CDC would be great for doing this but it leaves out the WHO and so while you know what happened with your data when using CDC you have no idea who made the change and that’s the other critical piece to auditing for us.


Does SQL Audit allow only for storing in the Windows Event Log?


Kindest Regards,

A Democracy works great until the day you find yourself on the sheep side of a vote between 5 wolves and 4 sheep on what’s for dinner when neither have eaten in many days. A free Republic where the rights of the few and the individual are protected is the only one in which Freedom and Prosperity for all have a chance to blossom.
Post #1449868
Posted Tuesday, May 07, 2013 2:27 AM


SSCrazy

SSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazySSCrazy

Group: General Forum Members
Last Login: Wednesday, April 16, 2014 7:59 AM
Points: 2,078, Visits: 2,410
If you create a new AUDIT from SSMS the first window gives you the option to select the destination. The available options are "File", "Security Log" or "Application Log". When you have "File" selected, you can specify a destination on the available disk(s).

The AUDIT files can be imported to a (secure and restricted) central server to keep track of all recorded actions.


** Don't mistake the ‘stupidity of the crowd’ for the ‘wisdom of the group’! **
Post #1450025
Posted Tuesday, May 07, 2013 11:12 AM


SSC Eights!

SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!SSC Eights!

Group: General Forum Members
Last Login: Monday, March 10, 2014 1:21 PM
Points: 885, Visits: 1,526
HanShi (5/7/2013)
If you create a new AUDIT from SSMS the first window gives you the option to select the destination. The available options are "File", "Security Log" or "Application Log". When you have "File" selected, you can specify a destination on the available disk(s).

The AUDIT files can be imported to a (secure and restricted) central server to keep track of all recorded actions.



Thanks for the info.



Kindest Regards,

A Democracy works great until the day you find yourself on the sheep side of a vote between 5 wolves and 4 sheep on what’s for dinner when neither have eaten in many days. A free Republic where the rights of the few and the individual are protected is the only one in which Freedom and Prosperity for all have a chance to blossom.
Post #1450260
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse