It is not a good idea to keep server audits locally on the server. Anyone having admin access to Windows or sysadmin to SQL, can delete the audit files. Store it in a file share outside of SQL server, where SQL service account only has Read, Folder/Append permission. Modify/Delete and Write must not be allowed. Remove the CREATOR OWNER permission on the folder where audits are to be stored as well. This way you can track down bad activity even done by system administrators.
![Database Level Auditing with SQL Server 2012 [HD]](http://i.ytimg.com/vi/bW80U9_Jdsw/mqdefault.jpg)
Thank you. It's very easy to get a overall idea, can expand from here to add other candidates or actions
Your welcome.
Very clear and concise. Thank you very much !
Thanks a bunch, great tutorial!
Glad it was helpful!
Thank you very much for this video. Looks like you really love scripting over the point-click stuff :)
It's best to learn scripting first and point and click 2nd :)
Can I tell which user used the select action? Is it possible to get their User ID?
It is not a good idea to keep server audits locally on the server. Anyone having admin access to Windows or sysadmin to SQL, can delete the audit files. Store it in a file share outside of SQL server, where SQL service account only has Read, Folder/Append permission. Modify/Delete and Write must not be allowed. Remove the CREATOR OWNER permission on the folder where audits are to be stored as well. This way you can track down bad activity even done by system administrators.
You make a very excellent point here. Thank you for taking the time to point this out for others.