August 3, 2009 at 3:05 pm
Hello there,
We've got to enable auditing for critical DB servers which stores Card holder data. I've read Brian Kelley's article "SQL Server Auditing - Part 1" and "
Auditing with SQL Profiler". What I don't understand is how to use the profiler to enable auditing for a particular table/column which houses the card holder data. Also, the end goal is to move these logs to a centralized log management server (RSA enVision). Can we export the profiler logs to enVision?
If someone performs a select/alter/drop query on this table we wish to log the event for analysis. In addition, we wish to log account management events. Any help is greatly be appreciated.
Thank you,
V
August 3, 2009 at 3:30 pm
I would say the profiler method could certainly do all that. You could also look at DDL triggers to capture the object changes and logon triggers to capture logins..
CEWII
August 4, 2009 at 8:19 am
If you only want to audit access to 1 table you could apply filters on DatabaseId and ObjectId.
I don't know anything about RSA EnVision, but I would assume you could load the trace files into it even if you have to do something custom.
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply