| title | sys.server_audits (Transact-SQL) | Microsoft Docs | ||||
|---|---|---|---|---|---|
| ms.custom | |||||
| ms.date | 04/05/2016 | ||||
| ms.prod | sql-non-specified | ||||
| ms.reviewer | |||||
| ms.suite | |||||
| ms.technology |
|
||||
| ms.tgt_pltfrm | |||||
| ms.topic | language-reference | ||||
| f1_keywords |
|
||||
| dev_langs |
|
||||
| helpviewer_keywords |
|
||||
| ms.assetid | c2c4a000-1127-46a8-b1e9-947fd1136e1e | ||||
| caps.latest.revision | 19 | ||||
| author | BYHAM | ||||
| ms.author | rickbyh | ||||
| manager | jhubbard |
[!INCLUDEtsql-appliesto-ss2008-xxxx-xxxx-xxx_md]
Contains one row for each [!INCLUDEssNoVersion] audit in a server instance. For more information, see SQL Server Audit (Database Engine).
| Column name | Data type | Description |
|---|---|---|
| audit_id | int | ID of the audit. |
| name | sysname | Name of the audit. |
| audit_guid | uniqueidentifier | GUID for the audit that is used to enumerate audits with member Server|Database audit specifications during server start-up and database attach operations. |
| create_date | datetime | UTC date the audit was created. |
| modify_date | datetime | UTC date the audit was last modified. |
| principal_id | int | ID of the owner of the audit, as registered to the server. |
| type | char(2) | Audit type: SL – NT Security event log AL – NT Application event log FL – File on file system |
| type_desc | nvarchar(60) | SECURITY LOG APPICATION LOG FILE |
| on_failure | tinyint | On Failure to write an action entry: 0 – Continue 1 – Shutdown server instance 2 – Fail operation |
| on_failure_desc | nvarchar(60) | On Failure to write an action entry: CONTINUE SHUTDOWN SERVER INSTANCE FAIL_OPERATION |
| is_state_enabled | tinyint | 0 – Disabled 1 - Enabled |
| queue_delay | int | Maximum time, in milliseconds, to wait before writing to disk. If 0, the audit will guarantee a write before an event can continue. |
| predicate | nvarchar(3000) | The predicate expression that is applied to the event. |
Principals with the ALTER ANY SERVER AUDIT or VIEW ANY DEFINITION permission have access to this catalog view. In addition, the principal must not be denied VIEW ANY DEFINITION permission.
[!INCLUDEssCatViewPerm] For more information, see Metadata Visibility Configuration.
CREATE SERVER AUDIT (Transact-SQL)
ALTER SERVER AUDIT (Transact-SQL)
DROP SERVER AUDIT (Transact-SQL)
CREATE SERVER AUDIT SPECIFICATION (Transact-SQL)
ALTER SERVER AUDIT SPECIFICATION (Transact-SQL)
DROP SERVER AUDIT SPECIFICATION (Transact-SQL)
CREATE DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER DATABASE AUDIT SPECIFICATION (Transact-SQL)
DROP DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER AUTHORIZATION (Transact-SQL)
sys.fn_get_audit_file (Transact-SQL)
sys.server_file_audits (Transact-SQL)
sys.server_audit_specifications (Transact-SQL)
sys.server_audit_specification_details (Transact-SQL)
sys.database_audit_specifications (Transact-SQL)
sys.database_audit_specification_details (Transact-SQL)
sys.dm_server_audit_status (Transact-SQL)
sys.dm_audit_actions (Transact-SQL)
sys.dm_audit_class_type_map (Transact-SQL)
Create a Server Audit and Server Audit Specification