January 2, 2012 at 9:00 pm
Hi Experts,
Please on very urgent basis.
We are having 2008 R2 Enterprise edtn on our servers ...
I want to implement security audit Policy....
Want to capture DML,create,alter,drop statements using audit specification but only for some users not for all.
Is there any way i can do the same bcoz there is no option i have found for specific users using audit specification.
Example : there are 3 users with sys admin write ... i want to do the audit for only 2 users with sysadmin writes.... and for third i want to do if user runs drop database or alter database commands.
Kindly let me know by examples if i can do it by using facets,policies or any othr.
January 2, 2012 at 9:15 pm
NM
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
January 2, 2012 at 9:17 pm
No - do it for all of them. You will find that it will come back to save you someday if you audit all of them.
Jason...AKA CirqueDeSQLeil
_______________________________________________
I have given a name to my pain...MCM SQL Server, MVP
SQL RNNR
Posting Performance Based Questions - Gail Shaw[/url]
Learn Extended Events
January 3, 2012 at 11:39 am
one way to do it is to setup trace to run and capture the events you want and it can be filtered based on the users, databases etc.
If you use T-sql, the trace can be triggered and stopped via sql agent job if you want it to run only for limited span of time like for business hours only.
January 3, 2012 at 12:06 pm
Sounds like you want DDL triggers.
January 3, 2012 at 8:35 pm
i dnt want to do all of them ..... is there ny way around.. to do with server specification option
January 4, 2012 at 10:27 am
You can write a ddl trigger to be as narrowly focused as you wish.
Viewing 7 posts - 1 through 6 (of 6 total)
You must be logged in to reply to this topic. Login to reply