We are going through some auditing for PCI compliance, even though there is no credit card information in our sql databases, they are still requiring us to turn on tracing. This is with the RSA envision product. They provided us with scripts that would turn on tracing to all events except a select event, and a sql query would return the information to the envision server to be stored. On sql 2000 this functionality would require sa privileges and we are working with them to make it so we run the traces to files and sftp the files to the envision server. These events are producing 1 gig trace files every minute. We asked them to narrow the parameters of the tracing and they told us this would not be a problem if we let there process work to pull the data via odbc every 5 sec. Our thoughts are, 1 gig is 1 gig no matter how often you pull it.
Anyone else work with this product and have any luck narrowing the trace need for pci.
Thanks in advance.