sys.server_audits (Transact-SQL)

THIS TOPIC APPLIES TO:yesSQL Server (starting with 2008)noAzure SQL DatabasenoAzure SQL Data Warehouse noParallel Data Warehouse

Contains one row for each SQL Server audit in a server instance. For more information, see SQL Server Audit (Database Engine).

Column name Data type Description
audit_id int ID of the audit.
name sysname Name of the audit.
audit_guid uniqueidentifier GUID for the audit that is used to enumerate audits with member Server|Database audit specifications during server start-up and database attach operations.
create_date datetime UTC date the audit was created.
modify_date datetime UTC date the audit was last modified.
principal_id int ID of the owner of the audit, as registered to the server.
type char(2) Audit type:

SL – NT Security event log

AL – NT Application event log

FL – File on file system
type_desc nvarchar(60) SECURITY LOG

APPICATION LOG

FILE
on_failure tinyint On Failure to write an action entry:

0 – Continue

1 – Shutdown server instance

2 – Fail operation
on_failure_desc nvarchar(60) On Failure to write an action entry:

CONTINUE

SHUTDOWN SERVER INSTANCE

FAIL_OPERATION
is_state_enabled tinyint 0 – Disabled

1 - Enabled
queue_delay int Maximum time, in milliseconds, to wait before writing to disk. If 0, the audit will guarantee a write before an event can continue.
predicate nvarchar(3000) The predicate expression that is applied to the event.

Permissions

Principals with the ALTER ANY SERVER AUDIT or VIEW ANY DEFINITION permission have access to this catalog view. In addition, the principal must not be denied VIEW ANY DEFINITION permission.

The visibility of the metadata in catalog views is limited to securables that a user either owns or on which the user has been granted some permission. For more information, see Metadata Visibility Configuration.

See Also

CREATE SERVER AUDIT (Transact-SQL)
ALTER SERVER AUDIT (Transact-SQL)
DROP SERVER AUDIT (Transact-SQL)
CREATE SERVER AUDIT SPECIFICATION (Transact-SQL)
ALTER SERVER AUDIT SPECIFICATION (Transact-SQL)
DROP SERVER AUDIT SPECIFICATION (Transact-SQL)
CREATE DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER DATABASE AUDIT SPECIFICATION (Transact-SQL)
DROP DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER AUTHORIZATION (Transact-SQL)
sys.fn_get_audit_file (Transact-SQL)
sys.server_file_audits (Transact-SQL)
sys.server_audit_specifications (Transact-SQL)
sys.server_audit_specification_details (Transact-SQL)
sys.database_audit_specifications (Transact-SQL)
sys.database_audit_specification_details (Transact-SQL)
sys.dm_server_audit_status (Transact-SQL)
sys.dm_audit_actions (Transact-SQL)
sys.dm_audit_class_type_map (Transact-SQL)
Create a Server Audit and Server Audit Specification