From 5a99d4d7faf1c7b4ec6ceb7360ba8e66c5eff1bb Mon Sep 17 00:00:00 2001 From: Jurjen Ladenius Date: Mon, 10 Feb 2025 10:25:13 +0000 Subject: [PATCH] Merged PR 57105: setup log analytics for sql01 prod setup log analytics for sql01 prod --- Powershell/Lists/DevOps/Repositories.ps1 | 8 +- .../sqlserver01prod - log analytics.sql | 562 ++++++++++++++++++ 2 files changed, 568 insertions(+), 2 deletions(-) create mode 100644 SQL/Auditing/sqlserver01prod - log analytics.sql diff --git a/Powershell/Lists/DevOps/Repositories.ps1 b/Powershell/Lists/DevOps/Repositories.ps1 index 6f86f53..9f73afe 100644 --- a/Powershell/Lists/DevOps/Repositories.ps1 +++ b/Powershell/Lists/DevOps/Repositories.ps1 @@ -7,6 +7,8 @@ class Repository { [string] $WebUrl = "" [string] $LastPRDate = "" [string] $LastPRName = "" + [string] $LastPRCreatedBy = "" + [string] $LastPRReviewers = "" [string] $LastPRUrl = "" } @@ -29,7 +31,7 @@ foreach ($repo in $repos) $repository.DefaultBranch = $repo.defaultBranch $repository.IsDisabled = $repo.isDisabled $repository.WebUrl = $repo.webUrl - + if ($true -ne $repo.isDisabled) { $lastPr = az repos pr list --project "survey software" --repository $repo.name --organization "https://dev.azure.com/effectory/" --status completed --top 1 | ConvertFrom-Json | Select-Object @@ -39,7 +41,9 @@ foreach ($repo in $repos) $repository.LastPRDate = $lastPr.creationDate $repository.LastPRName = $lastPr.title $repository.LastPRUrl = $lastPr.url - } + $repository.LastPRCreatedBy = $lastPr.createdBy.displayName + $repository.LastPRReviewers = $lastPr.reviewers | join-string -property displayName -Separator ',' + } } $Result += $repository diff --git a/SQL/Auditing/sqlserver01prod - log analytics.sql b/SQL/Auditing/sqlserver01prod - log analytics.sql new file mode 100644 index 0000000..5e28bec --- /dev/null +++ b/SQL/Auditing/sqlserver01prod - log analytics.sql @@ -0,0 +1,562 @@ +CREATE SERVER AUDIT [sql01audit_loganalytics] TO EXTERNAL_MONITOR; +GO + +-- Create server specification +CREATE SERVER AUDIT SPECIFICATION [sql01audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] + ADD (FAILED_LOGIN_GROUP), + ADD (LOGOUT_GROUP), + ADD (SUCCESSFUL_LOGIN_GROUP) + WITH (STATE=ON); +GO + +-- Set state on +ALTER SERVER AUDIT [sql01audit_loganalytics] WITH (STATE = ON); +GO + + + + +USE [ChangeLog] +GO + +CREATE DATABASE AUDIT SPECIFICATION [ChangeLog_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP) +WITH (STATE = ON) +GO + +USE [Effectory CM] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Effectory_CM_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP) +WITH (STATE = ON) +GO + +USE [Effectory Live] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Effectory_Live_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP) +WITH (STATE = ON) +GO + +USE [Effectory Project] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Effectory_Project_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP) +WITH (STATE = ON) +GO + +USE [Effectory Questionbase] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Effectory_Questionbase_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP) +WITH (STATE = ON) +GO + +---------------------------- + +USE [Effectory Response Center] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Effectory_Response_Center_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP) +WITH (STATE = ON) +GO + +USE [Effectory Response MRT import] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Effectory_Response_MRT_import_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP) +WITH (STATE = ON) +GO + +USE [Effectory Response Queue] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Effectory_Response_Queue_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP) +WITH (STATE = ON) +GO + +USE [esm_wh] +GO + +CREATE DATABASE AUDIT SPECIFICATION [esm_wh_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP) +WITH (STATE = ON) +GO + +USE [ktv_wh] +GO + +CREATE DATABASE AUDIT SPECIFICATION [ktv_wh_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP) +WITH (STATE = ON) +GO + +USE [MRT Reporting Data] +GO + +CREATE DATABASE AUDIT SPECIFICATION [MRT_Reporting_Data_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP) +WITH (STATE = ON) +GO + +USE [Personeelsadministratie] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Personeelsadministratie_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP) +WITH (STATE = ON) +GO + +USE [PMSoftware] +GO + +CREATE DATABASE AUDIT SPECIFICATION [PMSoftware_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP) +WITH (STATE = ON) +GO + +USE [Teleform_V16_5] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Teleform_V16_5_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP) +WITH (STATE = ON) +GO + +USE [Teleform109] +GO + +CREATE DATABASE AUDIT SPECIFICATION [Teleform109_audit_loganalytics] +FOR SERVER AUDIT [sql01audit_loganalytics] +ADD (DATABASE_OBJECT_ACCESS_GROUP), +ADD (SCHEMA_OBJECT_ACCESS_GROUP), +ADD (DATABASE_ROLE_MEMBER_CHANGE_GROUP), +ADD (BATCH_COMPLETED_GROUP), +ADD (BACKUP_RESTORE_GROUP), +ADD (BATCH_STARTED_GROUP), +ADD (DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP), +ADD (USER_CHANGE_PASSWORD_GROUP), +ADD (USER_DEFINED_AUDIT_GROUP), +ADD (SCHEMA_OBJECT_CHANGE_GROUP), +ADD (DATABASE_OPERATION_GROUP), +ADD (LEDGER_OPERATION_GROUP), +ADD (APPLICATION_ROLE_CHANGE_PASSWORD_GROUP), +ADD (SENSITIVE_BATCH_COMPLETED_GROUP), +ADD (DATABASE_OWNERSHIP_CHANGE_GROUP), +ADD (DATABASE_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_IMPERSONATION_GROUP), +ADD (DATABASE_CHANGE_GROUP), +ADD (DATABASE_OBJECT_CHANGE_GROUP), +ADD (DATABASE_PRINCIPAL_CHANGE_GROUP), +ADD (AUDIT_CHANGE_GROUP), +ADD (FAILED_DATABASE_AUTHENTICATION_GROUP), +ADD (DATABASE_LOGOUT_GROUP), +ADD (SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP), +ADD (DBCC_GROUP), +ADD (DATABASE_PERMISSION_CHANGE_GROUP) +WITH (STATE = ON) +GO + +