Auditing Products for SQL Server


By:   |   Updated: 2006-12-06   |   Comments (2)   |   Related: More > Auditing and Compliance

Problem

With the many needs (SOX, HIPAA, internal, etc.) for auditing sensitive data, what are the options available in the market place to audit SQL Server data and code changes?  Do these products automatically collect the data as well as build reports and selectively alert on critical issues?

Solution

Below outlines the SQL Server auditing products on the market with URL's to the product for more information.

ID Offering Data Changes Code Changes Auto Data Collection Reporting Real Time Alerting
1 ApexSQL Audit *   * *  
2 GridApp Clarity's Auditing and Compliance * * * * *
3 Idera Compliance Manager * * * * *
4 Imperva * * * * *
5 Lumigent Audit DB * * * * *
6 Quest Software SQL Watch   * * * *
7 SQL Server Profiler * * *    
8 SQL Server Triggers * * *    

If you know of additional SQL Server auditing products on the market, please let us know and we will update this tip.  Please email the product\technology\tool to [email protected].

Next Steps


Last Updated: 2006-12-06


get scripts

next tip button



About the author
MSSQLTips author Jeremy Kadlec Jeremy Kadlec is the Co-Founder, Editor and Author at MSSQLTips.com, CTO @ Edgewood Solutions and a six time SQL Server MVP.

View all my tips
Related Resources




More SQL Server Solutions











Post a comment or let the author know this tip helped.

All comments are reviewed, so stay on subject or we may delete your comment. Note: your email address is not published. Required fields are marked with an asterisk (*).

*Name
*Email
Email me updates

Signup for our newsletter

I agree by submitting my data to receive communications, account updates and/or special offers about SQL Server from MSSQLTips and/or its Sponsors. I have read the privacy statement and understand I may unsubscribe at any time.





Tuesday, February 11, 2020 - 10:14:17 AM - Anonn Back To Top

Another auditing tool that can be added to the list is IBM's Security Guardium application.  It is similar to trace in that it acts as a network sniffer like Wireshark to capture all SQL being sent to the database so that you can audit what the database administrators are doing or other administrators.  Sort of like policing the police.  It does other auditing functions as well.


Saturday, February 08, 2014 - 9:55:18 AM - Panayiotis Hiripis Back To Top

Hi all,

  I believe you should include Sql Server's change tracking feature. Basically, it is an internal triggerless mechanism to observe dml changes to all tables of a database, with a purging mechanism.   http://technet.microsoft.com/en-us/library/bb933875.aspx   and   http://msdn.microsoft.com/en-us/library/cc305322.aspx



download


get free sql tips

I agree by submitting my data to receive communications, account updates and/or special offers about SQL Server from MSSQLTips and/or its Sponsors. I have read the privacy statement and understand I may unsubscribe at any time.



Learn more about SQL Server tools