Support
 
Support Get Quote
 
 
 
 

MS SQL Server

MS SQL Server Log Auditing Tool

Auditing database activities manually is a herculean task. The best way to accomplish this effectively is with a comprehensive solution that simplifies and automates the database and activity monitoring. The solution should also enable database administrators to monitor, track, instantly identify the root cause of any operational issues and also detect unauthorized access to confidential data in real-time.

  • Just ... days left! Are you ready for the GDPR
  • Get to know about the challenges and impacts of the all new GDPR

Auditing Microsoft SQL Server logs with EventLog Analyzer

EventLog Analyzer is a comprehensive database activity monitoring tool that helps you monitor all database activities, accesses, and server account changes in your Microsoft SQL Server database. Here are some of EventLog Analyzer's key features:

  • Autodiscovery of SQL Servers: Automatically discover all the SQL Servers in your network.
  • Out-of-the-box reports: Perform audits with prepackaged reports that provide detailed information on data definition language (DDL) and data manipulation language (DML) queries.
  • Real-time alerts: Receive instant alerts on unauthorized access to confidential data or even to the database server itself.
  • SQL Server management: Efficiently manage SQL Server accounts by monitoring changes made to privileged user accounts with detailed reports and instant alerts.
  • Intuitive dashboard: Drill down to the raw log level and view collected log content to facilitate simplified root cause analysis.

SQL Server DDL auditing reports:

  • Monitor and track the changes happening at the database structural level, such as changes to the tables, views, procedures, triggers, schema, and more.
  • With intuitive graphical reports, get the details of who made what change, when, and from where.
  • Get real-time email or SMS notifications on any DDL level changes. Read more »

Available SQL Audit Reports

Created Databases | Dropped Databases | Altered Databases | Created Tables | Dropped Tables | Altered Tables | Created Views | Dropped Views | Altered Views | Created Stored Procedures | Dropped Stored Procedures | Altered Stored Procedures | Created Index | Dropped Index | Altered Index | Created Triggers | Dropped Triggers | Altered Triggers | Created Schemas | Altered Schemas | Dropped Schemas

Auditing SQL Server DML Activities:

  • Audit functional-level activities happening in your database with EventLog Analyzer's predefined reports.
  • Get to know when functional queries are executed, who executed them, and from where.
  • Instantly track all change activities such as data being viewed, updated, deleted, or new entries being added to your confidential data. Read more »

Available SQL Audit Reports

Selected Tables | Inserted Tables | Updated Tables | Deleted Tables | Execute Command | Recieve Command | Check reference command executed | Inserted Schemas | Selected Schemas | Updated Schemas | Deleted Schemas

Auditing SQL Server Accounts:

Managing and auditing database server accounts is critical in setting up authorizations for resources both inside and out of your database. EventLog Analyzer simplifies your database account management with real-time alerts and predefined reports to:

  • Track every change made to any account with respect to the users, logons and logoffs, passwords, and more.
  • Know when a privileged account is created, deleted, or modified.
  • Audit logon and logoff activities, and learn the reasons behind logon failures.
  • Instantly know when the password of a critical account gets changed, and more. Read more »

Available SQL Audit Reports

User Created | User Dropped | User Altered | Login Created | Login Dropped | Login Altered | DataBase Role Created | DataBase Role Dropped | DataBase Role Altered | Application Role Created | Application Role Dropped | Application Role Altered | Credential Created | Credential Dropped | Credential Altered | Own Password Changes | Failed Own password changes | Password changes | Password changes Failed | Password resets | Password resets Failed | Own password resets | Failed Own password resets | Unlocked accounts | Enabled users | Disabled users

Auditing SQL Server Activities:

  • With EventLog Analyzer's on-the-fly reports, quickly audit MS SQL Server activities such as startups, shutdowns, logons, logon failures, and more.
  • Get detailed reports on database backup, restoration, audit, audit specifications, administrator authorities, and more.
  • Learn the frequency of logon activities of your database, and visualize trend patterns of any logon failures. Read more »

Available SQL Audit Reports

Database backup report | Database restoration report | Transaction log backup report | Admin authority changes report | Permission changes report | Owner Changes report | Created server roles | Dropped server roles | Altered server roles | Created Server Audits | Dropped Server Audits | Altered server audits | Created Server Audit Specifications | Dropped Server Audit Specifications | Altered Server Audit Specifications | Created Database Audit Specifications | Dropped Database Audit Specifications | Altered Database Audit Specifications | Changed Audit Sessions | Shutdown and Failure Audits | Trace Audit C2 On | Trace Audit C2 Off | Started Trace Audits | Stopped Trace Audits | Server Startups | Server shutdowns | Logons | Failure logons | Logout Accounts | Top logons based on user | Top logons based on remote hosts | Top failure logons based on users | Top failure logons based on remote hosts | Logons Trend | Failed Logons Trend | Event Trend report

Mitigate SQL Server Security Attacks:

EventLog Analyzer helps mitigate external and internal security breaches by providing detailed reports and real-time alerts on various security attacks that can occur in your database.This solution:

  • Provides detailed reports on SQL injection and denial of service attacks, to help you conduct detailed forensic analysis on how the attack happened.
  • Alerts you in real time about important events including account lockouts, privilege abuses, unauthorized copying of sensitive data, and more, thus helping you to instantly react to security breaches. Read more »

Available SQL Audit Reports

Privilege abuses | Unauthorized copies of sensitive data | Account Lockouts | Storage media exposure | SQL Injection | Denial of Service

Granular auditing of user data in SQL Servers:

Many enterprises use SQL Servers to store their customers' personal data. EventLog Analyzer has several reports that can help you stay on top of critical changes performed in your SQL Servers, including reports on:

  • Modifications made to columns containing highly confidential information.
  • Each users' incumbent permissions and security changes in the SQL Server.
  • The time at which each user last logged in to the SQL Server.

Available SQL Audit Reports

Column Modified | Delete Operations | Security Changes | Permissions Information | Last Login Time | Logins Information 

Correlating SQL server logs

Many organizations use correlation as a method to understand and make sense of the connection between different logs originating from different sources. EventLog Analyzer's powerful correlation engine efficiently identifies defined attack patterns within your logs. Its correlation module offers many useful features, including:

  • View chronological sequence of logs for every identified attack pattern.
  • Set constraints on log fields for fine-grained control over the defined attack patterns. Read more.

Available SQL Audit Reports

Repeated SQL injection attempts in DB | Repeated SQL injection attempts | Suspicious SQL backup activity

Use Search and Advanced Search option on SQL logs

EventLog Analyzer provides a dedicated section for log data search, where you can search the raw SQL logs and detect network anomalies like mis-configurations, applications errors, etc. Click the 'Search' tab in the UI.

  • Use the Basic search to precisely pinpoint the exact log entry which caused a security activity and find the exact time at which the corresponding security event had happened.
  • Use Advanced Search to search by executing the search against multiple search criterion groups at one time. Read more.

To know more about SQL auditing, download our free solution brief SQL server auditing with EventLog Analyzer

 
Is your database secure? Download our free beginner's handbook on database auditing to learn how you can secure your databases through effective auditing. Download now
Customer Speaks
  • Credit Union of Denver has been using EventLog Analyzer for more than four years for our internal user activity monitoring. EventLog Analyzer provides great value as a network forensic tool and for regulatory due diligence. This product can rapidly be scaled to meet our dynamic business needs.
     
    Benjamin Shumaker
    Vice President of IT / ISO
    Credit Union of Denver
  • The best thing, I like about the application, is the well structured GUI and the automated reports. This is a great help for network engineers to monitor all the devices in a single dashboard. The canned reports are a clever piece of work.
     
    Joseph Graziano, MCSE CCA VCP
    Senior Network Engineer
    Citadel
  • EventLog Analyzer has been a good event log reporting and alerting solution for our information technology needs. It minimizes the amount of time we spent on filtering through event logs and provides almost near real-time notification of administratively defined alerts.
     
    Joseph E. Veretto
    Operations Review Specialist
    Office of Information System
    Florida Department of Transportation
  • I love the alerts feature of the product. We are able to send immediate alerts based on pretty much anything we can think of. We send alerts when certain accounts login, or when groups are changed, etc. That has been very helpful. Also the automatic archive of the log files has been very helpful and has taken the worry out of keeping old logs. The “Ask Me” function is very nice as well. It is great to have some natural language queries built in where you can just click a button and get an answer.
     
    Jim Earnshaw
    Senior Computer Specialist
    Department of Chemistry
    University of Washington
  • Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application.
     
    Jim Lloyd
    Information Systems Manager
    First Mountain Bank

EventLog Analyzer Trusted By

A Single Pane of Glass for Comprehensive Threat Management