C2 稽核模式伺服器組態選項c2 audit mode Server Configuration Option

適用於: 是SQL Server 否Azure SQL Database 否Azure Synapse Analytics (SQL DW) 否平行處理資料倉儲 APPLIES TO: yesSQL Server noAzure SQL Database noAzure Synapse Analytics (SQL DW) noParallel Data Warehouse

C2 稽核模式可以透過 SQL Server Management StudioSQL Server Management Studiosp_configure 中的 [C2 稽核模式] 選項來設定。C2 audit mode can be configured through SQL Server Management StudioSQL Server Management Studio or with the c2 audit mode option in sp_configure. 選取這個選項,會將伺服器設定為將存取陳述式和物件的失敗嘗試和成功嘗試都記錄下來。Selecting this option will configure the server to record both failed and successful attempts to access statements and objects. 這項資訊可協助您分析系統活動並追蹤可能的安全性原則違規。This information can help you profile system activity and track possible security policy violations.

注意

這項功能處於維護模式,並可能在 Microsoft SQL Server 的未來版本中移除。This feature is in maintenance mode and may be removed in a future version of Microsoft SQL Server. 請避免在新的開發工作中使用這項功能,並規劃修改目前使用這項功能的應用程式。Avoid using this feature in new development work, and plan to modify applications that currently use this feature.通用條件憑證已取代 C2 安全性標準。The C2 security standard has been superseded by Common Criteria Certification. 請參閱 通用條件符合已啟用伺服器組態選項See the common criteria compliance enabled Server Configuration Option.

稽核記錄檔Audit Log File

C2 稽核模式資料會儲存在執行個體之預設資料目錄的檔案中。C2 audit mode data is saved in a file in the default data directory of the instance. 如果稽核記錄檔已達到 200 MB 的大小限制, SQL ServerSQL Server 將建立新檔案、關閉舊檔案,並將所有新稽核記錄寫入新檔案。If the audit log file reaches its size limit of 200 megabytes (MB), SQL ServerSQL Server will create a new file, close the old file, and write all new audit records to the new file. 在填滿稽核資料目錄或關閉稽核之前,會繼續進行這個程序。This process will continue until the audit data directory fills up or auditing is turned off. 若要判斷 C2 追蹤的狀態,請查詢 sys.traces 目錄檢視。To determine the status of a C2 trace, query the sys.traces catalog view.

重要

C2 稽核模式會將大量的事件資訊儲存到記錄檔,因此該記錄檔會快速成長。C2 audit mode saves a large amount of event information to the log file, which can grow quickly. 如果儲存記錄檔的資料目錄已用盡空間, SQL ServerSQL Server 將自行關閉。If the data directory in which logs are being saved runs out of space, SQL ServerSQL Server will shut itself down. 如果將稽核設為自動啟動,您必須以 -f 旗標 (略過稽核) 重新啟動執行個體,或為稽核記錄釋放額外的磁碟空間。If auditing is set to start automatically, you must either restart the instance with the -f flag (which bypasses auditing), or free up additional disk space for the audit log.

權限Permissions

需要 系統管理員 (sysadmin) 固定伺服器角色中的成員資格。Requires membership in the sysadmin fixed server role.

範例Example

下列範例會開啟 C2 稽核模式。The following example turns on C2 audit mode.

sp_configure 'show advanced options', 1 ;  
GO  
RECONFIGURE ;  
GO  
  
sp_configure 'c2 audit mode', 1 ;  
GO  
RECONFIGURE ;  
GO  
  

另請參閱See Also

RECONFIGURE (Transact-SQL) RECONFIGURE (Transact-SQL)
伺服器組態選項 (SQL Server) Server Configuration Options (SQL Server)
sp_configure (Transact-SQL)sp_configure (Transact-SQL)