Auditing

Question

Auditing

AndrewL65

Mr or Mrs. 500

Points: 526
More actions
April 24, 2018 at 4:35 am

#337415

With GDPR looming my company has agreed that we need some auditing software to record access to data etc. I'm currently reviewing a couple of products to audit our SQL Servers. they are:
Idera's Compliance Manager
Apex SQL Audit
Was wondering if anyone has experience with either of them?
My main concern will be performance on our live systems.
Regards
Andrew Lackenby

Viewing 8 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic. Login to reply

Jeff Moden SSC Guru Points: 1004301 More actions · Answer 1

I've no experience in such auditing software but can only imagine how much extra data you'll end up needing to store. It also seems like a Catch-22... wouldn't you also have to apply GDPR rules to the data you capture for the audit, as well?

--Jeff Moden

RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

Change is inevitable... Change for the better is not.

Helpful Links:
How to post code problems
How to Post Performance Problems
Create a Tally Function (fnTally)

AndrewL65 Mr or Mrs. 500 Points: 526 More actions · Answer 2

Jeff Moden - Tuesday, April 24, 2018 8:09 AM
I've no experience in such auditing software but can only imagine how much extra data you'll end up needing to store. It also seems like a Catch-22... wouldn't you also have to apply GDPR rules to the data you capture for the audit, as well?

Unless we record data then no. The main reason we are looking at it is from a data breach point of view. Even if I knew somebody broke into our network, we wouldn't know what data they accessed without something recording every select.

Sue_H SSC Guru Points: 90860 More actions · Answer 3

AndrewL65 - Tuesday, April 24, 2018 4:35 AM
With GDPR looming my company has agreed that we need some auditing software to record access to data etc. I'm currently reviewing a couple of products to audit our SQL Servers. they are:
Idera's Compliance Manager
Apex SQL Audit
Was wondering if anyone has experience with either of them?
My main concern will be performance on our live systems.
Regards
Andrew Lackenby

I used Compliance Manager before. It didn't have much of an impact on performance. That was our biggest concern as they were for pretty active databases. They let us run it for free longer than usual just so we could keep monitoring that.
Auditors loved it, the canned reports were great and it is probably the easiest one to configure - or used to be anyway.

Sue

Jeff Moden SSC Guru Points: 1004301 More actions · Answer 4

Sue_H - Wednesday, April 25, 2018 3:45 PM
AndrewL65 - Tuesday, April 24, 2018 4:35 AM
With GDPR looming my company has agreed that we need some auditing software to record access to data etc. I'm currently reviewing a couple of products to audit our SQL Servers. they are:
Idera's Compliance Manager
Apex SQL Audit
Was wondering if anyone has experience with either of them?
My main concern will be performance on our live systems.
Regards
Andrew Lackenby
I used Compliance Manager before. It didn't have much of an impact on performance. That was our biggest concern as they were for pretty active databases. They let us run it for free longer than usual just so we could keep monitoring that.
Auditors loved it, the canned reports were great and it is probably the easiest one to configure - or used to be anyway.
Sue

Thanks for the take on that, Sue. We may have such a thing coming up and a recommendation from someone like yourself will carry a bit more weight than mine alone... especially since I've not used such a product before.

--Jeff Moden

RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
First step towards the paradigm shift of writing Set Based code:
________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

Change is inevitable... Change for the better is not.

Helpful Links:
How to post code problems
How to Post Performance Problems
Create a Tally Function (fnTally)

Sue_H SSC Guru Points: 90860 More actions · Answer 5

Jeff Moden - Wednesday, April 25, 2018 4:02 PM
Sue_H - Wednesday, April 25, 2018 3:45 PM
AndrewL65 - Tuesday, April 24, 2018 4:35 AM
With GDPR looming my company has agreed that we need some auditing software to record access to data etc. I'm currently reviewing a couple of products to audit our SQL Servers. they are:
Idera's Compliance Manager
Apex SQL Audit
Was wondering if anyone has experience with either of them?
My main concern will be performance on our live systems.
Regards
Andrew Lackenby
I used Compliance Manager before. It didn't have much of an impact on performance. That was our biggest concern as they were for pretty active databases. They let us run it for free longer than usual just so we could keep monitoring that.
Auditors loved it, the canned reports were great and it is probably the easiest one to configure - or used to be anyway.
Sue
Thanks for the take on that, Sue. We may have such a thing coming up and a recommendation from someone like yourself will carry a bit more weight than mine alone... especially since I've not used such a product before.

Thanks but I'm fairly petite so there isn't much weight there 🙂
But it does take care of a bunch of audit work with the canned reports. Give them reports and tell them to go away. Far away.

Sue

AndrewL65 Mr or Mrs. 500 Points: 526 More actions · Answer 6

Sue_H - Wednesday, April 25, 2018 3:45 PM
AndrewL65 - Tuesday, April 24, 2018 4:35 AM
With GDPR looming my company has agreed that we need some auditing software to record access to data etc. I'm currently reviewing a couple of products to audit our SQL Servers. they are:
Idera's Compliance Manager
Apex SQL Audit
Was wondering if anyone has experience with either of them?
My main concern will be performance on our live systems.
Regards
Andrew Lackenby
I used Compliance Manager before. It didn't have much of an impact on performance. That was our biggest concern as they were for pretty active databases. They let us run it for free longer than usual just so we could keep monitoring that.
Auditors loved it, the canned reports were great and it is probably the easiest one to configure - or used to be anyway.
Sue

Hi Sue,
Good to hear about the lack of performance impact.
The only downside I can see of Compliance Manager is it needs to be installed on a SQL Server. Also that version of SQL needs to be equal or greater than the version you are auditing. I was thinking that would make upgrades more tricky.
The Apex system has very little in the way of built in reports but looks like you can easily create your own using its built in report writer.

Regards,

Andrew Lackenby

Sue_H SSC Guru Points: 90860 More actions · Answer 7

AndrewL65 - Thursday, April 26, 2018 1:56 AM
Hi Sue,
Good to hear about the lack of performance impact.
The only downside I can see of Compliance Manager is it needs to be installed on a SQL Server. Also that version of SQL needs to be equal or greater than the version you are auditing. I was thinking that would make upgrades more tricky.
The Apex system has very little in the way of built in reports but looks like you can easily create your own using its built in report writer.
Regards,
Andrew Lackenby

You just always keep the Compliance Manager monitoring instance running at the highest version of SQL Server that is supported so upgrades for the other instances are really nothing.
Most of the auditing software has fairly easy to use reporting components. A lot of that reporting is fairly basic anyway but anything that can save time during audits really helps. It's hard to get real work done during some auditing.

Sue