SQL Audit logs in Azure Log Analytics and Azure Event Hubs

We are pleased to announce that Azure SQL Database Audit logs can now be written directly to Azure Log Analytics or Azure Event Hubs. This ability, now available in public preview, provides SQL Database Auditing customers with an easy way to centrally manage all of their log data, along with a rich set of tools… Read more

Blob Auditing in Azure SQL Database is Generally Available

We are excited to announce that SQL Blob Auditing is now Generally Available in Azure SQL Database. Blob Auditing tracks database events and writes audited events to an audit log in your Azure Storage account. Auditing can help maintain regulatory compliance, understand database activity, and gain insight into discrepancies and anomalies that could indicate business concerns or suspected security… Read more

Filtering (obfuscating) Sensitive Text in SQL Server

  A very common concern when dealing with sensitive data such as passwords is how to make sure that such data is not exposed through traces. SQL Server can detect and filter the SQL statements in traces that include the usage of DDL and built-ins (such as OPEN SYMMETRIC KEY, and EncryptByKey) that are known… Read more

How To Choose Audit Action Group When Using Auditing in SQL Server 2008

SQL Sever 2008 introduces auditing feature which can audit both server-level events and database-level events and several specific database actions. Please check http://msdn.microsoft.com/en-us/library/cc280386.aspx for more details. One difficulty the user may have is which action group should be used when trying to audit the interested events.  For example if the user wants to audit all… Read more

How to create a SQL trace using T-SQL

Some users want to know if there is a way to monitor events on SQL server without using SQL Profiler. Yes, there is: the engine support behind SQL Profiler is the feature called SQL Trace which is introduced in SQL 2005. SQL Trace provides a set of stored procedures to create traces on an instance… Read more

SQL Audit Buffering and Error Handling

I’ve had several questions about how exactly the buffering and error handling works in SQL Audit and thought it would help to give some more detail. For starters, let’s break down the event firing workflow into the following stages: 1. Permission Check/Audit Check 2. Filling out the event 3. Distribute event to Audit Extended Event… Read more