SQL Server Features and Components

SQT08 Implementing Auditing in SQL Server

11/17/2015

2:00pm - 3:15pm

Level: Introductory to Intermediate

David Dye

Sergeant

Cape Coral Police Department

A common requirement for database administrators is to be able to track activity within a SQL instance. Based on governance, oversight or policy, most organizations require some means of tracking and recording specific events such as:

  • Failed logins
  • DDL events
  • Data access

Ideally, the front end application will have a means of capturing these day-to-day events. If not though, SQL provides a number of tools that will audit SQL events and activity. This session will begin outlining the methods, native to SQL, to audit SQL events including:

  • C2 Auditing
  • Common Criteria Compliance
  • SQL Trace
  • DDL Triggers
  • DML Triggers
  • SQL Audit

This session will outline and demonstrate each method and pay particular attention to the resources required for each technique. Much of this session will be spent examining SQL Audit and looking into the internal workings of this technology.

You will learn:

  • Enable C2 auditing
  • Enable Common Criteria Compliance
  • Create and configure a client and server side trace
  • Use DDL/DML triggers to audit activity
  • Configure SQL audit