Database Compliance Auditing for SQL Server

Apply the right auditing settings to your servers and databases for PCI DSS, DISA STIG, NERC, CIS, FERPA, SOX, GDPR, and HIPAA regulations.

Quickly compare your customized or modified audit configuration against the regulation guidelines to verify that your settings are compliant.

Reduce data collection, transmission, and storage overhead with powerful filtering capabilities that enable you to collect only the data that is important for audit and compliance.

Define and apply default configuration settings at the server or database level, view any differences from default settings, and add new databases to the auditing list automatically.

Perform comprehensive auditing of SQL Server data changes and database events, including trace events, extended events, and audit logs.

Discover sensitive data that needs to be audited using the integrated sensitive column search, then audit any combination of columns and be alerted when they are accessed.

Compare before/after data (BAD) values resulting from inserts, updates, and deletions on any table.

Audit privileged users to ensure all database accesses are tracked and reported, or designate a Server Level Trusted User to reduce data collection for that user.

Define rules to receive immediate notification, with customizable alerts for more than 200 specific SQL Server Event types that can be stored in the audit repository, emailed directly to a user, or written to an event log.

Filter, alert on, and audit user-defined events, for full tracking and reporting of privileged user database activity.

Configure multiple event threshold levels, and set system alerts (via email, event log, or SNMP) when they are exceeded.

Issue alerts based on defined rules for events, status, or data for sensitive columns or before/after data (BAD) changes.

Easily manage and track audit activity over a large number of servers with real-time monitoring of agent activity and the audit data stream.

Guarantee the integrity of audit data with an immutable repository that automatically detects attempts to change or tamper with data.

Avoid losing audit data trail in the event of failure—automatically switch auditing from primary to the secondary replica in the event of failure, and failback to primary when it comes back online.

Grant users read-only auditor privileges, to support report and query execution as well as self-audit, integrity reporting, and configuration and data collection parameter change alerts.