| title | sys.server_audits (Transact-SQL) | ||||
|---|---|---|---|---|---|
| description | sys.server_audits (Transact-SQL) | ||||
| author | sravanisaluru | ||||
| ms.author | srsaluru | ||||
| ms.date | 03/23/2022 | ||||
| ms.prod | sql | ||||
| ms.prod_service | database-engine | ||||
| ms.technology | system-objects | ||||
| ms.topic | reference | ||||
| f1_keywords |
|
||||
| helpviewer_keywords |
|
||||
| dev_langs |
|
||||
| ms.assetid | c2c4a000-1127-46a8-b1e9-947fd1136e1e |
[!INCLUDE SQL Server]
Contains one row for each [!INCLUDEssNoVersion] audit in a server instance. For more information, see SQL Server Audit (Database Engine).
| Column name | Data type | Description |
|---|---|---|
| audit_id | int | ID of the audit. |
| name | sysname | Name of the audit. |
| audit_guid | uniqueidentifier | GUID for the audit that is used to enumerate audits with member Server|Database audit specifications during server start-up and database attach operations. |
| create_date | datetime | UTC date the audit was created. |
| modify_date | datetime | UTC date the audit was last modified. |
| principal_id | int | ID of the owner of the audit, as registered to the server. |
| type | char(2) | Audit type: SL - NT Security event log AL - NT Application event log FL - File on file system |
| type_desc | nvarchar(60) | SECURITY LOG APPICATION LOG FILE |
| on_failure | tinyint | On Failure to write an action entry: 0 - Continue 1 - Shutdown server instance 2 - Fail operation |
| on_failure_desc | nvarchar(60) | On Failure to write an action entry: CONTINUE SHUTDOWN SERVER INSTANCE FAIL_OPERATION |
| is_state_enabled | tinyint | 0 - Disabled 1 - Enabled |
| queue_delay | int | Maximum time, in milliseconds, to wait before writing to disk. If 0, the audit will guarantee a write before an event can continue. |
| predicate | nvarchar(3000) | The predicate expression that is applied to the event. |
Principals with the ALTER ANY SERVER AUDIT or VIEW ANY DEFINITION permission have access to this catalog view. In addition, the principal must not be denied VIEW ANY DEFINITION permission.
[!INCLUDEssCatViewPerm] For more information, see Metadata Visibility Configuration.
CREATE SERVER AUDIT (Transact-SQL)
ALTER SERVER AUDIT (Transact-SQL)
DROP SERVER AUDIT (Transact-SQL)
CREATE SERVER AUDIT SPECIFICATION (Transact-SQL)
ALTER SERVER AUDIT SPECIFICATION (Transact-SQL)
DROP SERVER AUDIT SPECIFICATION (Transact-SQL)
CREATE DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER DATABASE AUDIT SPECIFICATION (Transact-SQL)
DROP DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER AUTHORIZATION (Transact-SQL)
sys.fn_get_audit_file (Transact-SQL)
sys.server_file_audits (Transact-SQL)
sys.server_audit_specifications (Transact-SQL)
sys.server_audit_specification_details (Transact-SQL)
sys.database_audit_specifications (Transact-SQL)
sys.database_audit_specification_details (Transact-SQL)
sys.dm_server_audit_status (Transact-SQL)
sys.dm_audit_actions (Transact-SQL)
sys.dm_audit_class_type_map (Transact-SQL)
Create a Server Audit and Server Audit Specification