sys.server_file_audits (Transact-SQL)sys.server_file_audits (Transact-SQL)

适用于:Applies to: 是SQL ServerSQL Server(所有支持的版本)yesSQL ServerSQL Server (all supported versions) 适用于:Applies to: 是SQL ServerSQL Server(所有支持的版本)yesSQL ServerSQL Server (all supported versions)

包含有关 SQL ServerSQL Server 服务器实例上审核中的文件审核类型的扩展信息。Contains extended information about the file audit type in a SQL ServerSQL Server audit on a server instance. 有关详细信息,请参阅 SQL Server Audit(数据库引擎)For more information, see SQL Server Audit (Database Engine).

列名称Column name 数据类型Data type 说明Description
audit_idaudit_id intint 审核的 ID。ID of the audit.
namename sysnamesysname 审核的名称。Name of the audit.
audit_guidaudit_guid uniqueidentifieruniqueidentifier 审核的 GUID。GUID of the audit.
create_datecreate_date datetimedatetime 创建文件审核的 UTC 日期。UTC date when the file audit was created.
modify_datemodify_date datatimedatatime 上次修改文件审核的 UTC 日期。UTC date when the file audit was last modified.
principal_idprincipal_id intint 在服务器上注册的审核的所有者的 ID。ID of the owner of the audit as registered on the server.
类型type char(2)char(2) 审核类型:Audit type:

0 = NT 安全事件日志0 = NT Security event log

1 = NT 应用程序事件日志1 = NT Application event log

2 = 文件系统中的文件2 = File on file system
type_desctype_desc nvarchar(60)nvarchar(60) 审核类型说明。Audit type description.
on_failureon_failure tinyinttinyint 失败时的状态:On Failure condition:

0 = 继续0 = Continue

1 = 关闭服务器实例1 = Shut down server instance

2 = 失败操作2 = Fail operation
on_failure_descon_failure_desc nvarchar(60)nvarchar(60) 失败时要写入的操作项:On Failure to write an action entry:

CONTINUECONTINUE

SHUTDOWN SERVER INSTANCESHUTDOWN SERVER INSTANCE

FAIL OPERATIONFAIL OPERATION
is_state_enabledis_state_enabled tinyinttinyint 0 - 禁用0 = Disabled

1 = 启用1 = Enabled
queue_delayqueue_delay intint 写入磁盘前建议等待的最长时间(以毫秒为单位)。Suggested maximum time, in milliseconds, to wait before writing to disk. 如果为 0,则审核将确保在事件可以继续之前进行写入。If 0, the audit will guarantee a write before the event can continue.
predicatepredicate **nvarchar (8000) **nvarchar(8000) 应用于事件的谓词表达式。Predicate expression that is applied to the event.
max_file_sizemax_file_size bigintbigint 审核的最大大小(以 MB 为单位):Maximum size, in megabytes, of the audit:

0 = 无限/不适用于所选的审核类型。0 = Unlimited/Not applicable to the type of audit selected.
max_rollover_filesmax_rollover_files intint 要用于滚动更新选项的文件的最大数目。Maximum number of files to use with the rollover option.
max_filesmax_files intint 在没有滚动更新选项时要使用的文件的最大数目。Maximum number of files to use without the rollover option.
reserved_disk_spacereserved_disk_space intint 按文件保留的磁盘空间量。Amount of disk space to reserve per file.
log_file_pathlog_file_path nvarchar(260)nvarchar(260) 审核所在的路径。Path to where audit is located. 对于文件审核为文件路径,对于应用程序日志审核为应用程序日志路径。File path for file audit, application log path for application log audit.
log_file_namelog_file_name nvarchar(260)nvarchar(260) CREATE AUDIT DDL 中提供的日志文件的基名称。Base name for the log file supplied in the CREATE AUDIT DDL. 创建日志文件名时向 base_log_name 文件中添加一个递增数字作为后缀。An incremental number is added to the base_log_name file as a suffix to create the log file name.

权限Permissions

具有 ALTER ANY SERVER AUDITVIEW any DEFINITION 权限的主体有权访问此目录视图。Principals with the ALTER ANY SERVER AUDIT or VIEW ANY DEFINITION permission have access to this catalog view. 此外,不能拒绝主体 VIEW ANY DEFINITION 权限。In addition, the principal must not be denied VIEW ANY DEFINITION permission.

目录视图中仅显示用户拥有的安全对象的元数据,或用户对其拥有某些权限的安全对象的元数据。The visibility of the metadata in catalog views is limited to securables that a user either owns or on which the user has been granted some permission. 有关详细信息,请参阅 Metadata Visibility ConfigurationFor more information, see Metadata Visibility Configuration.

另请参阅See Also

CREATE SERVER AUDIT (Transact-SQL) CREATE SERVER AUDIT (Transact-SQL)
ALTER SERVER AUDIT (Transact-SQL) ALTER SERVER AUDIT (Transact-SQL)
DROP SERVER AUDIT (Transact-SQL) DROP SERVER AUDIT (Transact-SQL)
CREATE SERVER AUDIT SPECIFICATION (Transact-SQL) CREATE SERVER AUDIT SPECIFICATION (Transact-SQL)
ALTER SERVER AUDIT SPECIFICATION (Transact-SQL) ALTER SERVER AUDIT SPECIFICATION (Transact-SQL)
DROP SERVER AUDIT SPECIFICATION (Transact-SQL) DROP SERVER AUDIT SPECIFICATION (Transact-SQL)
CREATE DATABASE AUDIT SPECIFICATION (Transact-SQL) CREATE DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER DATABASE AUDIT SPECIFICATION (Transact-SQL) ALTER DATABASE AUDIT SPECIFICATION (Transact-SQL)
DROP DATABASE AUDIT SPECIFICATION (Transact-SQL) DROP DATABASE AUDIT SPECIFICATION (Transact-SQL)
ALTER AUTHORIZATION (Transact-SQL) ALTER AUTHORIZATION (Transact-SQL)
sys.fn_get_audit_file (Transact-SQL) sys.fn_get_audit_file (Transact-SQL)
sys.server_audits (Transact-SQL) sys.server_audits (Transact-SQL)
sys. server_file_audits (Transact-sql) sys.server_file_audits (Transact-SQL)
sys.server_audit_specifications (Transact-SQL) sys.server_audit_specifications (Transact-SQL)
sys.database_audit_specifications (Transact-SQL) sys.database_audit_specifications (Transact-SQL)
sys.database_audit_specification_details (Transact-SQL) sys.database_audit_specification_details (Transact-SQL)
sys.dm_server_audit_status (Transact-SQL) sys.dm_server_audit_status (Transact-SQL)
sys.dm_audit_actions (Transact-SQL) sys.dm_audit_actions (Transact-SQL)
sys.dm_audit_class_type_map (Transact-SQL) sys.dm_audit_class_type_map (Transact-SQL)
创建服务器审核和服务器审核规范Create a Server Audit and Server Audit Specification