0
点赞
收藏
分享

微信扫一扫

MSSQL SERVER上部署审计

1.在数据库上创建审计

USE [master]
GO

CREATE SERVER AUDIT [audit_mssql]
TO FILE 
(	FILEPATH = N'D:\audit\mssql'
	,MAXSIZE = 100 MB
	,MAX_ROLLOVER_FILES = 100
	,RESERVE_DISK_SPACE = OFF
)
WITH
(	QUEUE_DELAY = 1000
	,ON_FAILURE = CONTINUE
)
GO

2.在数据库上启用审计

USE [master]
GO

ALTER SERVER AUDIT  [audit_mssql]
WITH (STATE = ON);  
GO

3.在数据库上创建审计规则

USE [master]
GO

CREATE SERVER AUDIT SPECIFICATION [test_mssql_spec]
FOR SERVER AUDIT [audit_mssql]
ADD (AUDIT_CHANGE_GROUP),
ADD (SUCCESSFUL_LOGIN_GROUP),
ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP),
ADD (FAILED_LOGIN_GROUP),
ADD (FAILED_DATABASE_AUTHENTICATION_GROUP),
ADD (LOGOUT_GROUP),
ADD (DATABASE_LOGOUT_GROUP),
ADD (BROKER_LOGIN_GROUP),
ADD (DATABASE_MIRRORING_LOGIN_GROUP),
ADD (LOGIN_CHANGE_PASSWORD_GROUP),
ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP),
ADD (USER_CHANGE_PASSWORD_GROUP),
ADD (DATABASE_PERMISSION_CHANGE_GROUP),
ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP),
ADD (DATABASE_PRINCIPAL_CHANGE_GROUP),
ADD (SERVER_OBJECT_PERMISSION_CHANGE_GROUP),
ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP),
ADD (SERVER_PERMISSION_CHANGE_GROUP),
ADD (SERVER_ROLE_MEMBER_CHANGE_GROUP),
ADD (BACKUP_RESTORE_GROUP),
ADD (DATABASE_CHANGE_GROUP),
ADD (SERVER_OPERATION_GROUP),
ADD (SERVER_STATE_CHANGE_GROUP),
ADD (SERVER_PRINCIPAL_CHANGE_GROUP)
GO

4.启用审计规则

USE [master]
GO

ALTER SERVER AUDIT SPECIFICATION  [test_mssql_spec]
WITH (STATE = ON);  
GO

审计策略回滚操作

禁用审计规则

USE [master]
GO

ALTER SERVER AUDIT SPECIFICATION  [test_mssql_spec]
WITH (STATE = OFF);  
GO

禁用审计

USE [master]
GO

ALTER SERVER AUDIT  [audit_mssql]
WITH (STATE = OFF);  
GO

删除审计规则

DROP SERVER AUDIT SPECIFICATION [test_mssql_spec]

删除审计

DROP SERVER AUDIT [audit_mssql]

举报

相关推荐

0 条评论