• State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 21 subscribers
  • Views 4537 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CA for SQL Server - capturing queries run by high privilege accounts

cvaland
over 6 years ago

We have a number of SQL logins that have high level of privilege i.e. sysadmin, db_owner, db_writer, etc.

We are looking to capture:

  1. when the account was used and by whom
  2. what query was run against the database
  3. where this query was triggered from

For 1 and 3, we should be able to put filters or some sort of exclusion list to removed auditing for known users i.e. DBAs and servers where these accounts are permitted to run under that user context.

Please let me know how to extended the auditing to covert for these scenarios.

 

Many thanks,

Chirag

Parents
  • 0 over 6 years ago

    Hi Chirag,

    Change Auditor SQL Data Level template can provide this level of detail. Have you tried testing with this template type? There are optional filters for database/user/table, etc..

    I should note, it will audit activity by the accounts in question but not by whom (that information is not available within the SQL operations monitored).

    Regards,
    Chris

Reply
  • 0 over 6 years ago

    Hi Chirag,

    Change Auditor SQL Data Level template can provide this level of detail. Have you tried testing with this template type? There are optional filters for database/user/table, etc..

    I should note, it will audit activity by the accounts in question but not by whom (that information is not available within the SQL operations monitored).

    Regards,
    Chris

Children
No Data