How To Configure SQL Server Audit Events To The Security Log
Microsoft reference Link
https://learn.microsoft.com/en-us/sql...
How to configure SQL audit logs in to windows security
1.Add SQL Server instance service account to below
Press Win + R on your keyboard to open the Run dialog box, type "secpol.msc" (without quotes), and press Enter. This will open the Local Security Policy console.
Local PoliciesUser Rights AssignmentManage auditing and security logadd user or group.
Local PoliciesUser Rights Assignment Generate security auditsadd user or group.
Note:gpupdate /force to make changes effective from CMD
2.Take RDP where SQL Server is installed and Regedit and move to below and provide full permission to Instance service account.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security
Note:Restart SQL Server to make changes effective.
3.Configure the audit object access setting in Windows using auditpol[Optional]
open Command Prompt with administrator permissions and execute the following statement:
auditpol /set /subcategory:"application generated" /success:enable /failure:enable
Note: Restart SQL Server to make changes effective.
4.Create and any sql server security audit event and test it.
============================
SELECT event_time,action_id, statement, database_name, server_principal_name
FROM fn_get_audit_file( 'D:\Test\Audit-*.sqlaudit' , DEFAULT , DEFAULT)-- where action_id != 'LGIS'
============================
Смотрите видео How To Configure SQL Server Audit Events To The Security Log онлайн без регистрации, длительностью часов минут секунд в хорошем качестве. Это видео добавил пользователь MS SQL DBA Tech Support 18 Май 2023, не забудьте поделиться им ссылкой с друзьями и знакомыми, на нашем сайте его посмотрели 5,205 раз и оно понравилось 25 людям.