Databases Reference
In-Depth Information
Table 12.2
Security-related SQL Server trace events
Event ID
Event Class
Description
102
Audit Statement
GDR
Occurs every time a GRANT, DENY, REVOKE
for a statement permission is issued by any user in
SQL Server.
103
Audit Object GDR
Occurs every time a GRANT, DENY, REVOKE
for an object permission is issued by any user in
SQL Server.
104
Audit Add/Drop
Login
Occurs when a SQL Server login is added or
removed—
and
.
sp_addlogin
sp_droplogin
105
Audit Login GDR
Occurs when a Windows login right is added or
removed—
,
sp_revokelogin
, and
sp_grantlogin
sp_denylogin
.
106
Audit Login Change
Property
Occurs when a property of a login, except pass-
words, is modified—
sp_defaultdb
and
sp_defaultlanguage
.
107
Audit Login Change
Password
Occurs when a SQL Server login password is
changed.
108
Audit Add Login to
Server Role
Occurs when a login is added or removed from a
fixed server role—
sp_addsrvrolemember
and
sp_dropsrvrolemember
.
109
Audit Add DB User
Occurs when a login is added or removed as a
database user (Windows or SQL Server) to a data-
base—
sp_grantdbaccess
,
sp_revokedbaccess
,
sp_adduser
, and
sp_dropuser
.
110
Audit Add Member
to DB
Occurs when a login is added or removed as a
database user (fixed or user-defined) to a data-
base—
sp_addrolemember
,
sp_droprolemember
,
and
sp_changegroup
.
111
Audit Add/Drop
Role
Occurs when a login is added or removed as a database
user to a database—
sp_addrole
and
sp_droprole
.
112
App Role Pass
Change
Occurs when a password of an application role is
changed.
113
Audit Statement
Permission
Occurs when a statement permission (such as
CREATE TABLE) is used.
114
Audit Object Per-
mission
Occurs when an object permission (such as
SELECT) is used, both successfully or unsuccess-
fully.
Search WWH ::
Custom Search