RE: Security Audit Level
From: Michael Cheng [MSFT] (v-mingqc_at_online.microsoft.com)
Date: 05/06/04
- Next message: Dan Guzman: "Re: Corrupt Index"
- Previous message: Eric Cárdenas [MSFT]: "RE: Getting error "[311] Maildispatcher Thread (ID 1444) still running" when I try to restart the SQLServerAgent"
- In reply to: Lijun Zhang: "Security Audit Level"
- Next in thread: Michael Cheng [MSFT]: "RE: Security Audit Level"
- Reply: Michael Cheng [MSFT]: "RE: Security Audit Level"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 06 May 2004 04:15:07 GMT
Hi Lijun,
Thanks forJasper and Greg's reply.
Based on my knowledge, we use Audit level to select the level at which user
accesses to Microsoft SQL Server are recorded in the SQL Server error log.
None causes no auditing to be performed.
Success causes only successful login attempts to be audited.
Failure causes only failed login attempts to be audited.
All causes successful and failed login attempts to be audited.
Moreover, detailed information for SQL Server 2000 Audit could be found at
How to set up Mixed Mode security (Enterprise Manager)
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/howtosql/ht
_6_secrty_2dh5.asp
SQL Server 2000 Auditing
By John Howie
http://www.microsoft.com/technet/security/prodtech/dbsql/sql2kaud.mspx
Chapter 18 ¨C Securing Your Database Server
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/THCMCh18.asp
John Howie's SQL Server 2000 Auditing will give you a general view on
architecture of SQL Server auditing, while Securing Your Database Server
give you more project experience.
Anyway, Microsoft recommends auditing, at minimum, failed login attempts.
Auditing failed login attempts helps determine if unauthorized users are
attempting to access the system, which, I believe, will be more helpful to
troubleshooting
Thank you for your patience and cooperation. If you have any questions or
concerns, don't hesitate to let me know. We are here to be of assistance!
Sincerely yours,
Michael Cheng
Microsoft Online Support
***********************************************************
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
Please reply to newsgroups only, many thanks.
- Next message: Dan Guzman: "Re: Corrupt Index"
- Previous message: Eric Cárdenas [MSFT]: "RE: Getting error "[311] Maildispatcher Thread (ID 1444) still running" when I try to restart the SQLServerAgent"
- In reply to: Lijun Zhang: "Security Audit Level"
- Next in thread: Michael Cheng [MSFT]: "RE: Security Audit Level"
- Reply: Michael Cheng [MSFT]: "RE: Security Audit Level"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
