?
Solved

Mandatory auditing or C2 auditing enabling

Posted on 2007-10-03
6
Medium Priority
?
822 Views
Last Modified: 2008-01-09
I need to enable Mandatory auditing and I have no idea how.  I saw where I can set the audit level to all, but I could use some help with this.  I need to enable the C2 audit option and configure a great number of events.  I really need a procedure as I have no idea where or how to do this.  The events I need to add include Audit Add DB User Event
Audit Add Role Event
etc.  There is a list of 20-some events I need to add.
0
Comment
Question by:awakenings
  • 3
  • 3
6 Comments
 
LVL 16

Accepted Solution

by:
SQL_SERVER_DBA earned 2000 total points
ID: 20006301
USE master
EXEC sp_configure 'show advanced option', '1'
RECONFIGURE
To enable the feature, set 'c2 audit mode' to 1 using the following command:
sp_configure 'c2 audit mode', 1
go
To disable the feature, set 'c2 audit mode' to 0 using the following command:
sp_configure 'c2 audit mode', 0
go
0
 

Author Comment

by:awakenings
ID: 20006352
SQL Server DBA,

    That is helpful.  Thanks.  How so I ensure that the full list of 20-something features are configured at server startup?

Thanks!

Awakenings
0
 
LVL 16

Expert Comment

by:SQL_SERVER_DBA
ID: 20006401
Before you do this, you are aware that building traces like this are hard of performance. These files can grow to be extremely large.
0
Fill in the form and get your FREE NFR key NOW!

Veeam is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 
LVL 16

Expert Comment

by:SQL_SERVER_DBA
ID: 20006410
to get a full understanding it would be easier if you referenced...
http://www.microsoft.com/technet/archive/winntas/maintain/security/c2secgde.mspx?mfr=true
0
 

Author Comment

by:awakenings
ID: 20006457
SQL Server DBA,

      I know very little about databases.  Reading 50 pages like that is confusing.  I know it may be hard on the system and I know we will have to rotate logs.  It is a requirement looking at the hardening standard I am working on.  Is there any way to over write events so the log doesn't fill up the computer?  For example, with OS logs one can choose to have the logs just write over one another once they reach a certain size.  So I ask again, how do I ensure that the 20-something events are run at startup?

Thanks,
0
 

Author Comment

by:awakenings
ID: 20014913
Ah...  I am starting to understand now.  All of those options can by analyzed by defining a trace that is run on server startup.  I'm a database newbie so...  Thanks for your help!
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When trying to connect from SSMS v17.x to a SQL Server Integration Services 2016 instance or previous version, you get the error “Connecting to the Integration Services service on the computer failed with the following error: 'The specified service …
One of the most important things in an application is the query performance. This article intends to give you good tips to improve the performance of your queries.
Familiarize people with the process of retrieving data from SQL Server using an Access pass-thru query. Microsoft Access is a very powerful client/server development tool. One of the ways that you can retrieve data from a SQL Server is by using a pa…
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.
Suggested Courses

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question