Security Audit

  • I want to setup a security Audit on my production server. What I did I create a trace include all the security class events and store the trace out put in a trace table on a DBA database . Every third day I run a DTS package that remove the data from trace table and store in a arachive table . I ran different adhoc queries and reports on my trace table to find any DDL and DBA activities for this purpose I have to run the trace all the time. I am only worried about production server performance. I want a execution control of my audit trace?

    I read in articles that I can schedule audit trace via stored procedure or a job.

    I need suggestions whether I am doing right? Is there any better way to implement security audit.

     

    Thanks

    Khalid

  • Hi,

    Creating traces on production server will degrade performance. It is better if you create server side traces

     

     


    Helen
    --------------------------------
    Are you a born again. He is Jehova Jirah unto me

  • You can either try "C2 Audit" for the server or server side traces.

  • Run sp_configure "c2 audit", 1

    reconfigure with override

    Recycle the SQL Server.

    C2 auditing is now enabled and you will see trace files under mssql\data directory.

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply