How to start and set up SQL Server Audit

How to start and set up SQL Server Audit

SQL Server Audit, now native to SQL Server, is integrated into SQL Server Management Studio (SSMS). This provides an easy interface for detailed auditing, which facilitates the tracking and logging of events in the SQL Server database engine.
Although a detailed description of how to implement an audit in SQL Server is beyond the scope of this article, the following steps provide an overview of the SQL Server Audit process:

1. Create a server audit that defines the target.
2. Create the necessary server and database audit specifications.
3. Enable the server audit and the specifications.
4. Read the events once they've been recorded in the target.

You can read the events in Windows Event Viewer if you configured your server audit to point to the Windows Security or Application event log. You can also use Log File Viewer in SSMS to view the Windows event logs or to view the audit binary files, if you configured your SQL Server audit to use files as your target. In addition, you can use the sys.fn_get_audit_file system function to retrieve the event data from the binary files.

Step 1: Invest in good application design

Step 1: Invest in good application design

Nothing has a greater impact on application performance than application design. A poorly designed application will perform badly on the best hardware, and throwing more hardware at a bad design will often result in little application performance improvement.
Spend your up-front resources on sound application design principles and an exhaustive and representative QA process. For instance, during the design and development phases, developers should keep a close eye on the bottlenecks and address the most significant problem areas. During QA, the application should be load-tested using products like Segue Software Inc.'s SilkCentral, Mercury Interactive Corp.'s LoadRunner or even Microsoft Visual Studio's Application Center Test to see how the application performs under representative load and stress.

The lowdown on SQL Server auditing tools

The lowdown on SQL Server auditing tools

When Microsoft released SQL Server 2008, they introduced SQL Server Audit, which are comprehensive SQL Server auditing tools that address many of the limitations of auditing capabilities in earlier versions of SQL Server, when DBAs had to rely on SQL Trace and other tools. But SQL Server Audit is now native to SQL Server and, as such, is integrated into SQL Server Management Studio (SSMS), providing a simple interface for implementing auditing at a fine-grained level so you can target specific objects, actions and principals.
SQL Server Audit tracks and logs events that occur in the database engine. It can record events at the server level or individual database level, although the latter is possible only in the SQL Server Enterprise and Developer editions. SQL Server Audit provides the SQL Server auditing tools necessary to set up, enable, store and view event data, and is fully manageable not only through SSMS but also T-SQL and Server Management Objects (SMO). Unlike SQL Trace, which is as much about performance monitoring as it is event tracking, SQL Server Audit focuses only on auditing in order to deliver the security, performance and manageability necessary to ensure comprehensive auditing.

The Microsoft Assessment and Planning Toolkit

http://www.microsoft.com/en-us/download/details.aspx?&id=7826

The Microsoft Assessment and Planning Toolkit makes it easy to assess your current IT infrastructure for a variety of technology migration projects. This Solution Accelerator provides a powerful inventory, assessment, and reporting tool to simplify the migration planning process.