Login audit setting


Job details

Name: Login audit setting
Platform: Sqlserver
Category: Security
Premium package: Security and compliance package
Description: Checks if the SQL Server login audit is set to value ‘2′ (none = 0, successful logins only = 1, failed logins only = 2, both failed and successful logins = 3).
Long description: Checks if the SQL Server login audit is set to value ‘2′ (none = 0, successful logins only = 1, failed logins only = 2, both failed and successful logins = 3). After changing this option the SQL Server Instance must be restarted.
Version: 1.2
Default schedule: 15 1 1 *
Requires engine install: Yes
Compatibility tag: .[type=‘instance’ & databasetype=‘sqlserver’]/instance[maj_version > ‘2005′ & hasengine=‘YES’ & eng_inst_priv = 0 & (engine_edition = ‘Microsoft SQL Server’ engine_edition = ‘Azure SQL Managed Instance’)]

Parameters

Name Default value Description
return status 1 Return status value (ALARM – 2, WARNING – 1, or OK – 0) if the SQL Server login audit is not set to value “2″.
history threshold 365 The maximum number of days to keep statistics for in the historic tables.

Job Summary

EXEC xp_instance_regread @rootkey='HKEY_LOCAL_MACHINE', @key='SOFTWARE\Microsoft\MSSQLServer\MSSQLServer', @value_name='AuditLevel'

Job Implementation Details

Dependencies and Cleanup

Reporting and Visualization

Upgrade Notes

Metadata and Compliance

This thorough description reflects how dbWatch Control Center is utilized to monitor and enforce crucial security settings within SQL Server environments, helping maintain strict access and auditing controls.