ApexSQL Audit main features overview

Applies to
ApexSQL Audit

Summary
In this article, we are going to quickly look into three main ApexSQL Audit features:

  • Central repository database
  • Reporting
  • Alerts and email notifications

Description

In order to ensure data safety, easy reporting and being timely and properly alerted on critical events, ApexSQL Audit includes following main features:

Central repository database

ApexSQL Audit stores all configuration information and audited data for all audited SQL Server instances, both local and remote, in a single centralized repository database. The database is protected by a tamper-evident design which provides complete insight into any potential tampering with all information stored within the database, both configuration and auditing.

The Central repository database is installed together with the main application and requires a local SQL Server instance to host it. It can be archived at any time both to preserve disk space or to remove past data from the current repository to a data storage for safe keeping. The audited information is extracted from the database directly from ApexSQL Audit main application or reporting application. For more information on central repository database design and features, please visit following articles:

Reporting

While ApexSQL Audit central repository database can be directly queried to create auditing reports, in order to extract the information and use powerful reporting UI, users can use built-in reporting features in main ApexSQL Audit application, or install the same GUI on any remote instance within the domain. Furthermore, using the ‘User configuration’ menu allows awarding different permissions to different users, hence the ‘Reader’ role is perfect for user which should only be allowed to run the reports. Detailed information on reporting application is available in the following articles:

Alerting and email notifications

ApexSQL Audit offers three main types of alerts:

  • Auditing alerts – where users can configure alerts to be triggered on specific auditing events, such are failed access attempts, “Select” queries performed from specific client host on specific table etc.
  • Before-after alerts – which allows users to be alerted when specific before-after data values are changed
  • Custom script alerts – which provides users with the ability to use custom scripts and threshold values as triggering mechanisms for alerts

Regardless of the alert type, once the alert condition is triggered, alerts are raised and written to the central repository database, while users can opt to additionally have them written in the windows event log, or sent via email with customizable information on the alert and event that triggered it. Email alerts are sent via SMTP server and ApexSQL Audit users can create different recipient groups for unlimited number of alerts that can be created and active at once. For detailed guide on how to configure alerts and setup email notification within ApexSQL Audit, please check the How to create a custom alert with an email notification article.