Auditing

A quick overview of database audit in SQL

January 28, 2021 by Prashanth Jayaram

Database auditing is an important task that helps to guide the organization and can point out areas that can be improved, the cause of functions that aren’t quite working as intended, or simply monitoring activity for compliance with government or industry policies. At its core, an audit simply logs events that are happening on the server instance or in a database and saves them out as audit files that can be reviewed after the fact. In general, the objective of Security, Compliance and Auditing is that “all data should remain secure”. There are many techniques and tools available to secure, protect and safeguard the data, but how do you know what’s right for your organization?

How to track data changes on Azure SQL Database

December 21, 2020 by Rejhan Kuc

In this article, we will guide you through tracking data changes on the Azure SQL database and introduce common use case scenarios and learn how to get the most out of system-versioned tables.

Getting started with Azure SQL Database auditing using Blob storage

November 16, 2020 by Rejhan Kuc

Introduction

In this article we are going to show how to get started with the Azure SQL Database auditing using specific auditing techniques to configure audit specification and reconstruct audit data trail. Companies nowadays choose to migrate to the Azure cloud platform due to multiple reasons like:

Enforce SQL database best practices using SQL Server Policy-Based Management

July 24, 2020 by Nisarg Upadhyay

In this article, I am going to explain how we can enforce the SQL database best practices using Policy-Based Management. The policy-based management feature of SQL Server was introduced in SQL Server 2005. This feature was useful because it helps database administrators to define and enforce the database policies based on the organizations’ requirements.

Auditing in AWS RDS SQL Server

January 20, 2020 by Rajendra Gupta

This article explores the server and database audit in AWS RDS SQL Server.

Audit and Alert SQL Server Jobs Status Changes (Enabled or Disabled)

December 4, 2019 by Jignesh Raiyani

In this article, we will talk about how to track enabled or disabled SQL jobs in SQL Server using T-SQL. Users with the Sysadmin role have the default permissions to modify the information of any jobs in SQL Server. If a user is not in this role and wants access to this activity, then the user needs to be given the SQLAgentOperatorRole in the msdb database.

SQL Server Auditing Interview Questions

October 3, 2019 by Ahmad Yaseen

In this article, we will discuss a number of common and important SQL Server Audit questions that you may be asked during the SQL Server database administrator interview. I advise you to check them out and get ready for the interview.

SQL Server Auditing Best Practices

May 23, 2019 by Ahmad Yaseen

In this article on SQL Server Auditing Best practices, we will show the best practices that should be followed to have a successful auditing strategy that complies the company audit policies and requirements.

Triggers in SQL Server

May 15, 2019 by Ranga Babu

In this article, we will review triggers in SQL Server, different types of trigger events, trigger order and NOT FOR REPLICATION in triggers. A trigger is a database object that runs automatically when an event occurs. There are three different types of events.

Perform a SQL Server Audit using ApexSQL Audit

May 15, 2019 by Ahmad Yaseen

This is the last article, but not least, in the SQL Server Audit series. In this series (see TOC at the bottom), we explained deeply the concept of the SQL Server Audit, why it becomes mandatory for each company to have a SQL Server Audit solution to track and log the different types of events at both the SQL Server instance and database levels. We also went through and compare the different methods that can be used to audit the SQL Server instances and databases.

Performing a SQL Server Audit using System-Versioned Temporal Tables

May 14, 2019 by Ahmad Yaseen

In previous articles of this SQL Server Audit series (see the TOC at the bottom), we discussed the main concept and real-life needs for having a SQL Server Audit solution. After that, we went through the different methods that can be used to audit the SQL Server instances and databases. In this article, we will show how to take advantages of the System-versioned Temporal Tables feature to audit database table DML changes.

Using the SQL Server Audit Feature to Audit Different Actions

April 22, 2019 by Ahmad Yaseen

In the previous article of the SQL Server Audit series, SQL Server Audit Feature Components, we discussed the three main components of the SQL Server Audit feature; the SQL Server Audit, the Server Audit Specifications, and the Database Audit Specifications in details. In this article, we will show how to use the SQL Server Audit feature to track, log and review the different operations performed at both the SQL Server and the database levels.

SQL Server Audit Feature Components

April 15, 2019 by Ahmad Yaseen

In the previous articles of the SQL Server Audit series (see the TOC at the bottom), we discussed the concept of the SQL Server Audit, why we need an audit solution to track and log the different events performed in our SQL Server instances and databases, and went through the different methods that can be used to audit the SQL Server databases. In this article, we will discuss the SQL Server Audit feature components and how to configure it.

C2 auditing – SQL Server Auditing and Common Criteria Compliance using C2 audit mode

April 1, 2019 by Dinesh Asanka

This article will cover SQL Server C2 auditing using C2 audit mode including an introduction, comparison of auditing technologies, configuration and common criteria compliance

Creating a SQL Server audit using SQL Server Change Tracking

March 27, 2019 by Ahmad Yaseen

This continuation of our SQL Server auditing series is on SQL Server Change Tracking and will cover an overview, enabling, disabling, auditing DML changes including SQL updates and deletes.

Change Data Capture for auditing SQL Server

March 18, 2019 by Ahmad Yaseen

This article on Change Data Capture will provide an overview, notes on installation, architecture, enabling and disabling, auditing DML statements and limitations

SQL Server trace flags guide; from -1 to 840

March 4, 2019 by Nikola Dimitrijevic

SQL Server trace flags are configuration handles that can be used to enable or disable a specific SQL Server characteristic or to change a specific SQL Server behavior. It is an advanced SQL Server mechanism that allows drilling down into a hidden and advanced SQL Server features to ensure more effective troubleshooting and debugging, advanced monitoring of SQL Server behavior and diagnosing of performance issues, or turning on and off various SQL Server features

Temporal Tables in SQL Server

February 28, 2019 by Prashanth Jayaram

Temporal tables have been a feature of SQL Server since version 2016. SQL Server professionals have historically had several options to track data change events. The evolution of the data tracking mechanism started with Change tracking (CT), Change Data Capture (CDC) and now Temporal Tables.

Auditing by Reading the SQL Server Transaction Log

February 25, 2019 by Ahmad Yaseen

In the previous articles of this series, we discussed the reasons behind auditing the different SQL Server instance and database events, how to audit the SQL Server instance manually and using the Extended Events and Triggers methods. In this article, we will show how to audit your SQL Server instance by reading the content of the SQL Transaction Log file of the user database.

Creating a SQL Server audit using SQL Server Extended Events and Triggers

February 13, 2019 by Ahmad Yaseen

This article will provide an overview of manually creating a SQL Server audit using SQL Server Extended events and triggers. It will provide an overview of SQL tracing/profiling as well as extended events. I’ll walk you through how to create a new extended events session and how to use it, in a worked example, to audit failed logins. Finally, we’ll touch on an auditing approach using triggers

Implementing a manual SQL Server Audit

January 25, 2019 by Ahmad Yaseen

A SQL Server audit can be performed using various number of methods. This includes using the built-in SQL Server Audit feature, using third party tools from the SQL Server market or simply perform the audit task using the legacy methods manually. In the previous article of this series, SQL Server audit overview, we discussed the main concept of a SQL Server audit, the importance of auditing the SQL Server instance changes and the SQL server audit checklists. In this article, we will go through the manual procedures for auditing the SQL Server instance.

SQL Server Audit Overview

January 9, 2019 by Ahmad Yaseen

To fill an optimal role in all business’s computerized operations, information technology systems and infrastructure should be guaranteed, well controlled, aligned with the business goals and secured. Technology auditing ensures the evaluation and examination of these business requirements on an organization.

SQL data classification – Add sensitivity classification in SQL Server 2019

October 31, 2018 by Rajendra Gupta

SQL Server 2019 offers powerful new features to help in safeguarding your data and complying with various privacy regulations, which we’ll be covering in this article

SQL Server database auditing tools

September 17, 2018 by SQLShack

This collection of content presents an overview of top SQL Server database auditing tools, with product page links for each of the tools and screenshots if available. If you noticed a tool we missed, please let us know in the comments below.

All database auditing tools are sorted by alphabetical order.

How to continuously audit transaction log file data directly into a SQL Server database

August 23, 2018 by Prashanth Jayaram

Business transformation requires solid tools to automate complex integration to seamless deployments. In today’s modern data-rich world, nothing is more important than data management, making it critical to know how to safeguard and meet compliance requirement is very critical and the key to the business success.