Hi,chrisrdba
SQL Audit can track Profiler usage, but it returns way more info than I want w no way to filter on what it's capturing. I'm also not sure it can track instance changes?
Through SQL Server Audit, you can create Server Audit Specification and Database Audit Specification.
You can refer to
Create a server audit and database audit specification
SQL Server Audit Action Groups and Actions
I was focused on the default trace, but then discovered it doesn't capture all instance changes (linked servers, settings on the Security tab of server properties, settings on the Processors tab of server properties, etc).
Since the execution operations on the linked server are actually performed locally on the server, it is not possible to remotely track the execution details. However, you can track commands related to the Linked server by tracing OLEDB eventsthrough Sql profiler.
You can filter the target object of batch commands or remote calls by linked server name as shown in the figure:
Events with Linked servername are quite rare and are mainly concentrated in OLEDB events; you need to combine other event events with OLEDB events.
Log:
Best regards
Mikey Qiao