MS SQL Server Audit Event: 24083

MS SQL Server Auditing Tool

Databases are critical to enterprises because they store confidential data. Hence it becomes important to monitor database logs. But manually auditing them is a herculean task because of the enormous amount of log data generated. ManageEngine's EventLog Analyzer is a comprehensive log management tool that makes it easy for you to monitor all database activities, audit user accesses, track database server account changes, and ensure integrity of confidential data stored, especially in your MS SQL server database.

SQL » 24083: Issued a change server principal password policy command

24083: Issued a change server principal password policy command

SQL servers can use the password policy mechanisms of Windows Active Directory. The password policy applies to the credentials of SQL server as well as the databases contained in the SQL server. Event 24083 occurs when a command to change the password policy of an SQL server principal has been issued. This event is generated by the SERVER_PRINCIPAL_CHANGE_GROUP action group. Important information can be derived from this event including the:

  • Date and time at which the event occurred.
  • Session identifier of the event.
  • Privileged user who performed the action.
  • Server associated with the event.
  • ID, name and type of the target object (in this case, the SQL server login).