ALTER SERVER AUDIT SPECIFICATION (Transact-SQL)
Alters a server audit specification object using the SQL Server Audit feature. For more information, see Understanding SQL Server Audit.
Users with the ALTER ANY SERVER AUDIT permission can alter server audit specifications and bind them to any audit.
After a server audit specification is created, it can be viewed by principals with the CONTROL SERVER, or ALTER ANY SERVER AUDIT permissions, the sysadmin account, or principals having explicit access to the audit.
The following example creates a server audit specification called HIPPA_Audit_Specification. It drops the audit action group for failed logins, and adds an audit action group for Database Object Access for a SQL Server audit called HIPPA_Audit.
ALTER SERVER AUDIT SPECIFICATION HIPPA_Audit_Specification FOR SERVER AUDIT HIPPA_Audit DROP (FAILED_LOGIN_GROUP) ADD (DATABASE_OBJECT_ACCESS_GROUP); GO
For a full example about how to create an audit, see Understanding SQL Server Audit.