Hi @SSG ,
You can configure login auditing in SQL Server to monitor SQL Server Database Engine login activity. The audit result is written to SQL server error log.
You can configure login audit as below screenshot. You must restart SQL Server before this option will take effect.
Refer to MS document Configure Login Auditing (SQL Server Management Studio) to get more.
You need to have the EXECUTE permission on the object 'xp_instance_regwrite', database 'mssqlsystemresource', schema 'sys'. Suggest you using sysadmin account. I create a user1 login, the login is in public role, using user1 account to configure the SQL server login audit, I got below error message.
We change property of SQL server to configure SQL login audit. Quote from MS document View or Change Server Properties,
To execute sp_configure with both parameters to change a configuration option or to run the RECONFIGURE statement, a user must be granted the ALTER SETTINGS server-level permission. The ALTER SETTINGS permission is implicitly held by the sysadmin and serveradmin fixed server roles.
Suggest you using sysadmin account to configure SQL server login audit.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".