Export (0) Print
Expand All

sys.server_audits (Transact-SQL)

Contains one row for each SQL Server audit in a server instance. For more information, see SQL Server Audit (Database Engine).

Applies to: SQL Server (SQL Server 2008 through current version).

Column name

Data type

Description

audit_id

int

ID of the audit.

name

sysname

Name of the audit.

audit_guid

uniqueidentifier

GUID for the audit that is used to enumerate audits with member Server|Database audit specifications during server start-up and database attach operations.

create_date

datetime

UTC date the audit was created.

modify_date

datetime

UTC date the audit was last modified.

principal_id

int

ID of the owner of the audit, as registered to the server.

type

char(2)

Audit type:

SL – NT Security event log

AL – NT Application event log

FL – File on file system

type_desc

nvarchar(60)

SECURITY LOG

APPICATION LOG

FILE

on_failure

tinyint

On Failure to write an action entry:

0 – Continue

1 – Shutdown server instance

2 – Fail operation

on_failure_desc

nvarchar(60)

On Failure to write an action entry:

CONTINUE

SHUTDOWN SERVER INSTANCE

FAIL_OPERATION

is_state_enabled

tinyint

0 – Disabled

1 - Enabled

queue_delay

int

Maximum time, in milliseconds, to wait before writing to disk. If 0, the audit will guarantee a write before an event can continue.

predicate

nvarchar(3000)

The predicate expression that is applied to the event.

Principals with the VIEW AUDIT STATE permission have access to this catalog view.

The visibility of the metadata in catalog views is limited to securables that a user either owns or on which the user has been granted some permission. For more information, see Metadata Visibility Configuration.

Community Additions

ADD
Show:
© 2014 Microsoft