A Sql Server 2012 Database Audit performs an audit on sysadmins when you specify the principal DBO. However, this causes ALL the sysadmins to be audited. What configuration or solution can be used to audit ONLY 1 specific group that has sysadmin membership without auditing all the activity by ALL sysadmins? We are trying to cut down on action events that are not necessary (i.e. sql engine service account or other service accounts that are sysadmin and do not need audited). This is a user database.
Sql-server – Auditing sysadmin members by a specific group
auditSecuritysql serversql-server-2012
Related Question
- Sql-server – MSSQL Mixed-Mode Users cant connect unless they are in the server sysadmin role
- Sql-server – Sql Server Agent is part of the sysadmin role even tough Sql Server says it’s not
- Sql-server – SQL Server Audit not tracking changes at the database level
- SQL Server Service Account – Points to Consider When Replacing
- Sql-server – Auditing sysadmin logons with Extended Events
- SQL Server – How to Audit Successful Logins for Certain Users
- Sql-server – SQL Server DML auditing – Triggers vs SQL Server Audit Feature (vs temporal tables vs change data capture)
Best Answer
One option may be to add individual sysadmins as users to the databases in question, add those users to a custom role with no explicit permissions (effectively like public), and setup the database audit specification to track actions for the custom role.