We have a requirement to audit access to production data. mean audititing any activity on sensitive production data like Select/DML/DDL etc on specific database.
We have evaluated options like
Enabling Successfull/failed login - which will not capture what activity the user is doing on the box
C2 Audit - which is too much
SQL profiler in the backgroud: this seems to be the most viable option where a trace will be started when the server starts and the trace files will be saved to a safe file share.
if we reduce the number of events to be captured, will it reduce the load compared to a profiler running default options?
View Complete Post