sys.server_audits (Transact-SQL)

Contains one row for each SQL Server audit in a server instance. For more information, see Understanding SQL Server Audit.

Column name

Data type

Description

name

Sysname

Name of the audit.

audit_id

int

ID of the audit.

create_date

Datetime

UTC date the audit was created.

modify_date

Datetime

UTC date the audit was last modified.

principal_id

int

ID of the owner of the audit, as registered to the server.

type

char(2)

Audit type:

SL – NT Security event log

AL – NT Application event log

FL – File on file system

type_desc

Nvarchar(60)

SECURITY LOGAPPICATION LOG

FILE

queue_delay

Int

Maximum time, in milliseconds, to wait before writing to disk. If 0, the audit will guarantee a write before an event can continue.

on_failure

Tinyint

On Failure to write an action entry:0 – Continue1 – Shutdown server instance

on_failure_desc

Nvarchar(60)

On Failure to write an action entry:CONTINUESHUTDOWN SERVER INSTANCE

is_state_enabled

tinyint

0 – Disabled

1 - Enabled

audit_GUID

uniqueidentifier

GUID for the audit that is used to enumerate audits with member Server|Database audit specifications during server start-up and database attach operations.

Permissions

Principals with the VIEW AUDIT STATE permission have access to this catalog view.

In SQL Server 2005 and later versions, the visibility of the metadata in catalog views is limited to securables that a user either owns or on which the user has been granted some permission. For more information, see Metadata Visibility Configuration.

See Also

Reference

Concepts