Click here to monitor SSC
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in
Home       Members    Calendar    Who's On

Add to briefcase

Databse auditing and management of audit logs Expand / Collapse
Posted Wednesday, May 8, 2013 7:54 PM
Forum Newbie

Forum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum NewbieForum Newbie

Group: General Forum Members
Last Login: Monday, March 31, 2014 4:10 PM
Points: 1, Visits: 8
Need assistance on the following :

a) What are the common SQL database events/activities that should be audited?
b) How long should the audit logs be kept?

Would appreciate any thoughts on the matters.
Post #1450863
Posted Thursday, May 9, 2013 3:57 AM



Group: General Forum Members
Last Login: Today @ 6:39 AM
Points: 17,173, Visits: 32,141
I don't think there's a standard answer for either question. Auditing requirements are either a business or legal requirement. If the business you're working with doesn't need auditing, there's no need to turn it on at all. Otherwise, you need to consult with the business side to understand their expectations. Publicly traded companies have to comply with some part of Sarbannes-Oxley for some of their data. While US health-care companies have to comply with HIPA for parts of their data. You may even be in a publicly traded health-care company where you have to comply with both. I'd go straight to the business and ask this question.

"The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood..." Theodore Roosevelt
The Scary DBA
Author of:
SQL Server Query Performance Tuning
SQL Server Execution Plans

Product Evangelist for Red Gate Software
Post #1450971
« Prev Topic | Next Topic »

Add to briefcase

Permissions Expand / Collapse