Security Audit Event Category (SQL Server Profiler)
The Security Audit event category contains security audit events.
In This Section
Topic | Description |
---|---|
Audit Add DB User Event Class | Indicates that a login has been added or removed as a database user to a database. |
Audit Add Login to Server Role Event Class | Indicates that a login was added or removed from a fixed server role. |
Audit Add Member to DB Role Event Class | Indicates that a login has been added to or removed from a role. |
Audit Add Role Event Class | Indicates that a database role was added to or removed from a database. |
Audit Addlogin Event Class | Indicates that a login has been added or removed. |
Audit App Role Change Password Event Class | Indicates that a password has been changed for an application role. |
Audit Backup and Restore Event Class | Indicates that a backup or restore statement has been issued. |
Audit Broker Conversation Event Class | Reports audit messages related to Service Broker dialog security. |
Audit Broker Login Event Class | Reports audit messages related to Service Broker transport security. |
Audit Change Audit Event Class | Indicates that an audit trace modification has been made. |
Audit Change Database Owner Event Class | Indicates that the permissions to change the owner of a database have been checked. |
Audit Database Management Event Class | Indicates that a database has been created, altered, or dropped. |
Audit Database Mirroring Login Event Class | Reports audit messages related to database mirroring transport security. |
Audit Database Object Access Event Class | Indicates that a database object, such as a schema, has been accessed. |
Audit Database Object GDR Event Class | Indicates that a GDR event for a database object has occurred. |
Audit Database Object Management Event Class | Indicates that a CREATE, ALTER, or DROP statement was executed on a database object. |
Audit Database Object Take Ownership Event Class | Indicates that there has been a change of owner for objects in database scope. |
Audit Database Operation Event Class | Indicates that various operations such as checkpoint or subscribe query notification have occurred. |
Audit Database Principal Impersonation Event Class | Indicates that an impersonation has occurred within the database scope. |
Audit Database Principal Management Event Class | Indicates that principals have been created, altered, or dropped from a database. |
Audit Database Scope GDR Event Class | Indicates that a GRANT, REVOKE, or DENY has been issued for a statement permission by a user in Microsoft SQL Server. |
Audit DBCC Event Class | Indicates that a DBCC command has been issued. |
Audit Fulltext Event Class | Indicates that a full-text event has occured. |
Audit Login Change Password Event Class | Indicates that a user has changed their SQL Server login password. |
Audit Login Change Property Event Class | Indicates that sp_defaultdb, sp_defaultlanguage, or ALTER LOGIN was used to modify a property of a login. |
Audit Login Event Class | Indicates that a user has successfully logged into SQL Server. |
Audit Login Failed Event Class | Indicates that a user attempted to log in to SQL Server and failed. |
Audit Login GDR Event Class | Indicates that a Microsoft Windows login right was added or removed. |
Audit Logout Event Class | Indicates that a user has logged out of SQL Server. |
Audit Object Derived Permission Event Class | Indicates that a CREATE, ALTER, or DROP was issued for an object. |
Audit Schema Object Access Event Class | Indicates that an object permission (such as SELECT) has been used. |
Audit Schema Object GDR Event Class | Indicates that a GRANT, REVOKE, or DENY was issued for a schema object permission by a user in SQL Server. |
Audit Schema Object Management Event Class | Indicates that a server object has been created, altered, or dropped. |
Audit Schema Object Take Ownership Event Class | Indicates that the permissions to change the owner of schema object have been checked. |
Audit Server Alter Trace Event Class | Indicates that the ALTER TRACE permission has been checked. |
Audit Server Object GDR Event Class | Indicates that a GDR event for a schema object has occurred. |
Audit Server Object Management Event Class | Indicates that a CREATE, ALTER, or DROP event has occurred for a server object. |
Audit Server Object Take Ownership Event Class | Indicates that a server object owner has changed. |
Audit Server Operation Event Class | Indicates that Audit operations have occurred in the server. |
Audit Server Principal Impersonation Event Class | Indicates that an impersonation has occurred within the server scope. |
Audit Server Principal Management Event Class | Indicates that a CREATE, ALTER, or DROP has occurred for a server principal. |
Audit Server Scope GDR Event Class | Indicates that a GDR event has occurred for server permissions. |
Audit Server Starts and Stops Event Class | Indicates that the SQL Server service state has been modified. |
Audit Statement Permission Event Class | Indicates that a statement permission has been used. |