The SQL Data Level Auditing page is displayed when SQL Data Level is selected from the Auditing task list in the navigation pane of the Administration Tasks tab. From this page you can launch the SQL Data Level Auditing wizard to specify the SQL instances and the operations to audit. You can also edit existing templates and remove templates that are no longer being used.
NOTE: Authorization to use the administration tasks on the Administrations Tasks tab is defined using the Application User Interface page under the Configuration task list. If you are denied access to the tasks on this page, see the Change Auditor User Guide for more information on how to gain access. |
The SQL Data Level Auditing page contains an expandable view of all the SQL Data Level Auditing templates that have been defined. To add a new template, click the Add tool bar button. Once added, the following information is provided for each template:
2 |
Click Auditing. |
3 |
Select SQL Data level (under the Applications heading in the Auditing task list) to open the SQL Data Level Auditing page. |
4 |
Click Add to open the SQL Data Level auditing wizard which will step you through the process of creating a template. |
• |
Select the Default option to audit the default instance. |
• |
Select the Named option to audit a named instance. |
• |
Enter the credentials required for the agent to access the SQL sever. Click Test credentials to ensure the specified database can be opened on the target server. |
• |
In the Filter where fields, enter the operator and value to be used in the filter. In the first field (left) use the drop-down menu to select the operator (In, Not in, Like or Not Like; =, !=). The operators listed are based on the entry selected in the Filters list above. In the second field (right) enter the value or string to be used in the filter. |
• |
Click Add to add it to the Filter list at the bottom of the page. |
NOTE: To add multiple filters, select the column filter row after which the new filter is to be added, and then specify whether all criteria must be met or only some of the criteria. If Join filters with AND is selected, all filters specified must be satisfied before an event can be audited. If Join filters with OR is selected, only one of the specified filters needs to be satisfied. |
8 |
On the next page of the wizard, you can specify the columns within a table that are deemed to potentially include sensitive information. Select Refresh Columns to update the data. Once these columns are identified, their data will not be recorded in the database and will display in the Event Details pane as “***” to maintain privacy. |
9 |
Clicking Finish creates the template, close the wizard, and return to the SQL DL Auditing page, where the newly created template will now be listed. |
10 |
Select the Change Auditor agent from the Configuration page and click Refresh Configuration. |
3 |
Click Finish to save the changes. |
• |
Place your cursor in the Status cell for the template to be disabled, click the arrow control and select Disabled. |
2 |
To re-enable the auditing template, use the Enable option in either the Status cell or right-click menu. |
1 |
On the SQL Data Level Auditing page, select the template to be deleted and click Delete | Delete Template. |
The SQL Data Level Auditing wizard opens when you click Add or Edit on the SQL Data Level Auditing page. This wizard steps you through the process of creating a template, identifying the SQL server, instances, and database to included in the template. You can also use this wizard to modify a previously defined template.
The following table provides a description of the fields and controls in the SQL DL auditing wizard.
Create or modify a SQL Data Level Auditing Template page: On the first page of the wizard, enter a name for the template and select the SQL instance to audit. | |||||||
Select one of the following options:
| |||||||
Enter the credentials required for the agent to access the SQL sever. Click Test Credentials to ensure the specified database can be opened on the target server. | |||||||
Select the operations to audit page: From this page, select the SQL Data Level operations (event classes) to audit on the selected SQL instance. You must select at least one operation. | |||||||
This grid displays the following information for each event class:
| |||||||
Select the operations (event classes) that are to be audited. At least one event must be selected. | |||||||
Select auditing filters page: Using the filtering page you can optionally define criteria to limit the data retrieved. These filters allow you to capture only the required information in high traffic databases. | |||||||
The data grid across the top of the page displays the SQL columns available for filtering. Select/highlight an entry and then use the Filter where fields to define the operator and values to be used in the filter. | |||||||
In the first field (left) use the drop-down menu to select the operator (In, Not in, Like or Not Like; =, !=). The operators listed are based on the entry selected in the Filters list above. In the second field (right) enter the value or string to be used in the filter In the second field (right) enter the value or string to be used in the filter. | |||||||
Use to move the filter entered above to the Column Filter list at the bottom of the page. | |||||||
Use to remove the selected entry from the Column Filter list. | |||||||
Use to change the operator or value of the filter selected in the Column Filter list. | |||||||
Specify columns with sensitive data page: From here you can specify the columns within a table that are deemed to potentially include sensitive information. | |||||||
The data grid across the top of the page displays the SQL table/columns/ and data type. Select/highlight an entry and then use the Add and Remove buttons to define the values to be used in the filter. Select Refresh Columns to update the data. |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center