ApexSQL Audit glossary of terms

This article includes a glossary of terms commonly related to ApexSQL Audit components, features and processes.

Audit integrity refers to the security and truthfulness of audited data and tells the user if this data is proper, or if it has been corrupted, changed or possibly tampered with at any point in time. The audit integrity check can be performed on demand from the main GUI ribbon, or a system alert can be used to automatically notify user whenever there is a possible integrity breach.

Auditing filters are filters created by user to configure auditing of SQL Server events. If no filters are set, auditing will not commence. Users need to setup filters and apply them to initiate auditing/

Auditing service is a Windows service installed together with the application GUI and central repository database as a part of Main application component or separately on remote machines to allow remote auditing of SQL Server instances. The job of this component is to communicate with the central service, from which it receives auditing configuration, and to send back audited data for processing and safe keeping.

Before-after auditing is a separate auditing feature of ApexSQL Audit which leverages database CLR triggers to capture exact row values before and after the change for insert, update and delete operations. As mentioned, it is a separate auditing process in comparison to auditing performed by SQL traces or extended events.

Central repository database is a part of the main application which is used to store all audited data regardless of the number of audited SQL Server instances or databases included. All audited information, as well as configuration for auditing, reporting and alerting is stored in this single repository database. There can only be one repository database.

Central service is a Windows service which is part of the main application that is installed together with application GUI and central repository database. Central service is used to enable communication of all ApexSQL Audit components, to send configuration information and to receive and process audited data and transfer it to the central repository database.

Common reports are out-of-the-box reports available in ApexSQL Audit which can be instantly run against any audited server for immediate results.

Custom reports are reports created by the user which are based on logical conditions which provide practically limitless granularity and precision when creating user-defined reports. These reports can be saved and distributed between multiple ApexSQL Audit reporting modules.

Data source in reporting is any live, detached or archived central repository database that can be used as a source for any existing or custom reports. Data sources are configured in the application options, and multiple databases can be used at any point in time as a source of audited data.

Database archive is an old central repository database that is no longer used to store newly audited data, but contains some audited data from the past. Even though archived database will not be fed new audited data, it can be used as an data source for reporting. Also, archived database remains tamper-evident database.

Main application is the core of ApexSQL Audit which includes the user interface, central repository database, central service as well as the auditing service. Included components are inseparable and are installed together on the same machine

Remote auditing is a process of auditing SQL Server instance located away from the local machine, on a machine located on the remote host. To enable remote auditing, auditing service must be installed on the remote machine

SMTP server is short for Simple Mail Transfer Protocol, an Internet standard for electronic mail (email) transmission. The SMTP server is used to send emails on specific alerts when triggered, where the email notification has been configured.

Tamper-evident is a feature of ApexSQL Audit ensures that the integrity of central repository database is true, and that there was no any tampering what so ever with the audited data stored in the database. Any change made to the central repository database or it’s archive is considered as tampering, and will be reported by ApexSQL Audit to the user.

Temporary folder is a folder that stores collected traces that include audited data before these are inserted into the central repository database. In cases when the connection to the database is interrupted or not possible, temporary folders will house all collected traces until the connection is reestablished, when pilled-up traces will be inserted in order they were created.

Temporary repository is a separate SQL Server database named “ApexSQLAuditBeforeAfter” that will temporary accept all data audited by before-after auditing feature. Audited information is, when possible, transferred from the temporary repository directly to the central repository database.

Temporary trace files are SQL Server trace files that are generated when the event information is audited by ApexSQL Audit. These files are created in the temporary folder where they will wait for SQL Server to insert them into the central repository database, after which they are deleted.

User interface/console is a GUI that is used to configure auditing of both local and remote SQL Server instances using simple and advanced auditing filters, create and manage alert notifications, create and run reports, as well as status information on audited instances, overall configuration and maintenance tasks. Only one User console can be installed and used to run ApexSQL Audit.

Web reporting module is a separate component of ApexSQL Audit which enables users to run auditing reports directly from their web browsers. Web reports leverage Windows IIS (Internet Information Services) to enable users inside the domain to share and run auditing reports.