如何定义数据库审计规范 'BY Any User'
How to define a database audit specification 'BY Any User'
我想跟踪多个表的插入更新和删除。我目前拥有的是
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT ON OBJECT::[dbo].[SomeTable] BY [SomeUser]),
ADD (UPDATE ON OBJECT::[dbo].[SomeTable] BY [SomeUser]),
ADD (DELETE ON OBJECT::[dbo].[SomeTable] BY [SomeUser]),
... More Tables ..
WITH (STATE = ON);
是否有一组 Principals 等同于 "Any User",我可以在我的脚本中使用它来代替 'SomeUser'?
您可以使用 public 组
例如:
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT ON OBJECT::[dbo].[SomeTable] BY [public])
...
或您的所有用户所属的任何其他组。
您还可以对要审核的事件进行分组,
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT, UPDATE, DELETE ON OBJECT::[dbo].[SomeTable] BY [public])
...
如果你想审计所有的表你可以使用数据库对象
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT, UPDATE, DELETE ON DATABASE::databasename BY [public])
...
我想跟踪多个表的插入更新和删除。我目前拥有的是
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT ON OBJECT::[dbo].[SomeTable] BY [SomeUser]),
ADD (UPDATE ON OBJECT::[dbo].[SomeTable] BY [SomeUser]),
ADD (DELETE ON OBJECT::[dbo].[SomeTable] BY [SomeUser]),
... More Tables ..
WITH (STATE = ON);
是否有一组 Principals 等同于 "Any User",我可以在我的脚本中使用它来代替 'SomeUser'?
您可以使用 public 组
例如:
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT ON OBJECT::[dbo].[SomeTable] BY [public])
...
或您的所有用户所属的任何其他组。
您还可以对要审核的事件进行分组,
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT, UPDATE, DELETE ON OBJECT::[dbo].[SomeTable] BY [public])
...
如果你想审计所有的表你可以使用数据库对象
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT, UPDATE, DELETE ON DATABASE::databasename BY [public])
...