awakenings
asked on
Mandatory auditing or C2 auditing enabling
I need to enable Mandatory auditing and I have no idea how. I saw where I can set the audit level to all, but I could use some help with this. I need to enable the C2 audit option and configure a great number of events. I really need a procedure as I have no idea where or how to do this. The events I need to add include Audit Add DB User Event
Audit Add Role Event
etc. There is a list of 20-some events I need to add.
Audit Add Role Event
etc. There is a list of 20-some events I need to add.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Before you do this, you are aware that building traces like this are hard of performance. These files can grow to be extremely large.
to get a full understanding it would be easier if you referenced...
http://www.microsoft.com/technet/archive/winntas/maintain/security/c2secgde.mspx?mfr=true
http://www.microsoft.com/technet/archive/winntas/maintain/security/c2secgde.mspx?mfr=true
ASKER
SQL Server DBA,
I know very little about databases. Reading 50 pages like that is confusing. I know it may be hard on the system and I know we will have to rotate logs. It is a requirement looking at the hardening standard I am working on. Is there any way to over write events so the log doesn't fill up the computer? For example, with OS logs one can choose to have the logs just write over one another once they reach a certain size. So I ask again, how do I ensure that the 20-something events are run at startup?
Thanks,
I know very little about databases. Reading 50 pages like that is confusing. I know it may be hard on the system and I know we will have to rotate logs. It is a requirement looking at the hardening standard I am working on. Is there any way to over write events so the log doesn't fill up the computer? For example, with OS logs one can choose to have the logs just write over one another once they reach a certain size. So I ask again, how do I ensure that the 20-something events are run at startup?
Thanks,
ASKER
Ah... I am starting to understand now. All of those options can by analyzed by defining a trace that is run on server startup. I'm a database newbie so... Thanks for your help!
ASKER
That is helpful. Thanks. How so I ensure that the full list of 20-something features are configured at server startup?
Thanks!
Awakenings