CREATE SERVER AUDIT SPECIFICATION (Transact-SQL)

SQL Server 2008 Books Online (June 2009)

Updated: 31 October 2008

Creates a server audit specification object using the SQL Server Audit feature. For more information, see Understanding SQL Server Audit.

Transact-SQL Syntax Conventions

 Syntax

CREATE SERVER AUDIT SPECIFICATION audit_specification_name
FOR SERVER AUDIT audit_name
{
    { ADD ( { audit_action_group_name } ) 
        } [, ...n]
    [ WITH ( STATE = { ON | OFF } ) ]
}
[ ; ]

 Arguments

audit_specification_name

Name of the server audit specification.

audit_name

Name of the audit to which this specification is applied.

audit_action_group_name

Name of a group of server-level auditable actions. For a list of Audit Action Groups, see SQL Server Audit Action Groups and Actions.

WITH ( STATE = { ON | OFF } )

Enables or disables the audit from collecting records for this audit specification.

 Remarks

An audit must exist before creating a server audit specification for it. When a server audit specification is created, it is in a disabled state.

 Permissions

Users with the ALTER ANY SERVER AUDIT permission can create server audit specifications and bind them to any audit.

After a server audit specification is created, it can be viewed by principals with the, CONTROL SERVER, or ALTER ANY SERVER AUDIT permissions, the sysadmin account, or principals having explicit access to the audit.

 Examples

The following example creates a server audit specification called HIPPA_Audit_Specification that audits failed logins, for a SQL Server Audit called HIPPA_Audit.

CREATE SERVER AUDIT SPECIFICATION HIPPA_Audit_Specification
FOR SERVER AUDIT HIPPA_Audit
    ADD (FAILED_LOGIN_GROUP);
GO

For a full example about how to create an audit, see Understanding SQL Server Audit.

 See Also

Reference

CREATE SERVER AUDIT (Transact-SQL)
ALTER SERVER AUDIT (Transact-SQL)
DROP SERVER AUDIT (Transact-SQL)
ALTER SERVER AUDIT SPECIFICATION (Transact-SQL)
DROP SERVER AUDIT SPECIFICATION (Transact-SQL)
CREATE DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER DATABASE AUDIT SPECIFICATION (Transact-SQL)
DROP DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER AUTHORIZATION (Transact-SQL)
fn_get_audit_file (Transact-SQL)
sys.server_audits (Transact-SQL)
sys.server_file_audits (Transact-SQL)
sys.server_audit_specifications (Transact-SQL)
sys.server_audit_specification_details (Transact-SQL)
sys.database_audit_specifications (Transact-SQL)
sys.database_audit_specification_details (Transact-SQL)
sys.dm_server_audit_status (Transact-SQL)
sys.dm_audit_actions (Transact-SQL)

Other Resources

Audits Node (Object Explorer)
Audits (General Page)
Server Audit Specifications (General Page)
Database Audit Specifications (General Page)

Help and Information

Getting SQL Server 2008 Assistance

 Change History

Updated content
Corrected the Permissions section.