Microsoft SQL Server Audit

With SQL Server 2008, Microsoft introduced an SQL Server Audit feature that provides a true auditing solution for enterprise customers. While SQL Trace can be used to satisfy many auditing needs, SQL Server Audit offers a number of advantages that can help DBAs more easily achieve their goals, such as meeting regulatory compliance requirements.

The SQL Server Audit feature is intended to replace SQL Trace as the preferred auditing solution. SQL Server Audit is meant to provide full auditing capabilities and only auditing capabilities, unlike SQL Trace, which is also used for performance debugging.

Configuring SQL Server Audit

For complete information about auditing in SQL Server, see Microsoft's SQL Server documentation.

Using SQL Server Management Studio, create a server audit as follows:

1. In Object Explorer, expand the Security folder.
2. Right-click the Audits folder and select New Audit to open a Create Audit window.
3. Enter a name for your audit (for example, LoginFailed).  For Audit destination, select ApplicationLog from the list.
4. Click OK to accept the default settings and save the new audit specification.
5. The new audit will appear in the Audits folder.  To enable the audit, select the audit you created, right-click, and select Enable Audit.

Customizing Event Source Mapping

For information about customizing event source mapping, see Customizing Event Source Mapping.