SQL Auditing (Legacy)

dbWatch Control Center includes support for SQL audit logging of all statements executed on monitored database instances via dbWatch operations. This feature is particularly useful for:

• Security and compliance reporting
• Change tracking
• Internal investigations and usage analytics

Audit logging captures queries initiated both by user actions (e.g., manual operations via the GUI or CCC scripts) and, if configured, automated jobs run by the system.

Enabling SQL Auditing (Version 25.3.X and older)

See details here

Enabling SQL Auditing (Version 26.1.X and newer)

See details here

Log Output Details

• Logs are written to disk on the Control Center Server
• Each log entry typically includes:
• Timestamp

Audit logs are stored in plain text and rotated/zipped as configured. Consider encrypting the log directory at the filesystem level or forwarding to a central log collector for improved security.

Example: Contents of the audit.log file (level 2) generated by the dbWatch Server, showing recorded user actions and system events for auditing and troubleshooting purposes.

Best Practices

• Always configure auditing in coordination with your data retention and compliance policy
• Use level 1 in production environments for user tracking, and level 2 for detailed audits or troubleshooting
• Combine auditing with dbWatch’s built-in Audit Logging dashboard
• Enable periodic off-host backups or log streaming to secure audit archives

Related Topics

• Audit Logging Overview
• Sensitive Data Stored
• Encryption
• Domain Configuration and Privileges

For further assistance with auditing setup, central log integration (e.g., with ELK/Splunk), or security audits, please contact:
support@dbwatch.com