Export (0) Print
Expand All
0 out of 1 rated this helpful - Rate this topic

sys.server_audits (Transact-SQL)

Contains one row for each SQL Server audit in a server instance. For more information, see SQL Server Audit (Database Engine).

Column name

Data type

Description

audit_id

int

ID of the audit.

name

sysname

Name of the audit.

audit_guid

uniqueidentifier

GUID for the audit that is used to enumerate audits with member Server|Database audit specifications during server start-up and database attach operations.

create_date

datetime

UTC date the audit was created.

modify_date

datetime

UTC date the audit was last modified.

principal_id

int

ID of the owner of the audit, as registered to the server.

type

char(2)

Audit type:

SL – NT Security event log

AL – NT Application event log

FL – File on file system

type_desc

nvarchar(60)

SECURITY LOG

APPICATION LOG

FILE

on_failure

tinyint

On Failure to write an action entry:

0 – Continue

1 – Shutdown server instance

2 – Fail operation

on_failure_desc

nvarchar(60)

On Failure to write an action entry:

CONTINUE

SHUTDOWN SERVER INSTANCE

FAIL_OPERATION

is_state_enabled

tinyint

0 – Disabled

1 - Enabled

queue_delay

int

Maximum time, in milliseconds, to wait before writing to disk. If 0, the audit will guarantee a write before an event can continue.

predicate

nvarchar(3000)

The predicate expression that is applied to the event.

Principals with the VIEW AUDIT STATE permission have access to this catalog view.

The visibility of the metadata in catalog views is limited to securables that a user either owns or on which the user has been granted some permission. For more information, see Metadata Visibility Configuration.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.