Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
The Security Audit event category contains security audit events.
In This Section
| Topic | Description |
|---|---|
Indicates that a login has been added or removed as a database user to a database. |
|
Indicates that a login was added or removed from a fixed server role. |
|
Indicates that a login has been added to or removed from a role. |
|
Indicates that a database role was added to or removed from a database. |
|
Indicates that a login has been added or removed. |
|
Indicates that a password has been changed for an application role. |
|
Indicates that a backup or restore statement has been issued. |
|
Reports audit messages related to Service Broker dialog security. |
|
Reports audit messages related to Service Broker transport security. |
|
Indicates that an audit trace modification has been made. |
|
Indicates that the permissions to change the owner of a database have been checked. |
|
Indicates that a database has been created, altered, or dropped. |
|
Reports audit messages related to database mirroring transport security. |
|
Indicates that a database object, such as a schema, has been accessed. |
|
Indicates that a GDR event for a database object has occurred. |
|
Indicates that a CREATE, ALTER, or DROP statement was executed on a database object. |
|
Indicates that there has been a change of owner for objects in database scope. |
|
Indicates that various operations such as checkpoint or subscribe query notification have occurred. |
|
Indicates that an impersonation has occurred within the database scope. |
|
Indicates that principals have been created, altered, or dropped from a database. |
|
Indicates that a GRANT, REVOKE, or DENY has been issued for a statement permission by a user in Microsoft SQL Server. |
|
Indicates that a DBCC command has been issued. |
|
Indicates that a user has changed their SQL Server login password. |
|
Indicates that sp_defaultdb, sp_defaultlanguage, or ALTER LOGIN was used to modify a property of a login. |
|
Indicates that a user has successfully logged into SQL Server. |
|
Indicates that a user attempted to log in to SQL Server and failed. |
|
Indicates that a Microsoft Windows login right was added or removed. |
|
Indicates that a user has logged out of SQL Server. |
|
Indicates that a CREATE, ALTER, or DROP was issued for an object. |
|
Indicates that an object permission (such as SELECT) has been used. |
|
Indicates that a GRANT, REVOKE, or DENY was issued for a schema object permission by a user in SQL Server. |
|
Indicates that a server object has been created, altered, or dropped. |
|
Indicates that the permissions to change the owner of schema object have been checked. |
|
Indicates that the ALTER TRACE permission has been checked. |
|
Indicates that a GDR event for a schema object has occurred. |
|
Indicates that a CREATE, ALTER, or DROP event has occurred for a server object. |
|
Indicates that a server object owner has changed. |
|
Indicates that Audit operations have occurred in the server. |
|
Indicates that an impersonation has occurred within the server scope. |
|
Indicates that a CREATE, ALTER, or DROP has occurred for a server principal. |
|
Indicates that a GDR event has occurred for server permissions. |
|
Indicates that the SQL Server service state has been modified. |
|
Indicates that a statement permission has been used. |