There are 2 main menu tabs in ApexSQL Audit.
Home tab contains various ApexSQL Audit features separated into several organizational groups: Auditing, Reporting, Alerting and Central repository, which include majority of ApexSQL Audit features:
The “Resources” tab allows users to contact ApexSQL support, access application help and product page or handle activation and update related tasks:
Adding a server for auditing in ApexSQL Auditing is a simple three step task. First, users need to click on the “Add server” button in the server pane, then select your SQL Server from the drop menu and click “Add”, and finally provide login credentials and choose a folder where temporary auditing files for the specified server will be stored during the auditing job:
In order to see various information, both for the central instance, or any auditing SQL Server, users can check out the “Status” panel which offers plenty of information about running instances, informs users if there are any auditing issues, such is unconnectable servers, as well as some general information on both global and local levels:
To configure SQL Server for auditing, users can choose which databases will be audited, specify operations to be monitored, as well as applications and logins used. All these options are available in the auditing configuration pane. Complete summary of auditing filters can be seen on the right side of this pane:
In addition to the server filters, users can configure auditing on the database level, by adding and selecting specific database in the auditing configuration pane. When database is selected, users can choose which exact tables will be included or excluded from the auditing job, as well as to which exact database level events to audit:
When users want to achieve maximum precision in auditing, and need to achieve complex auditing filters, they can opt to switch to the advanced auditing configuration filters which allows users to specify and combine multiple conditions to fine tune the filters and achieve required filter precision:
For easier configuration of auditing filters, users can export and import any filters they’ve created or opt to implement any of the built-in configuration filters based on several compliance standards, including HIPAA, SOX, PCI etc:
For users that wish to perform before-after auditing, ApexSQL Audit allows trigger-based solution to capture events before and after the change. This is a separate auditing job that can be configured within the Before-after auditing configuration, where users can add specific databases and tables, and choose exact events to audit for before-after changes:
ApexSQL Audit comes with plethora of built in reports available to the users. These include general auditing reports, change and activity reports, security reports, reports based on specific compliance standards and more:
All existing reports can be used as a starting point, and users can edit or save them, and even export/import them between the central ApexSQL Audit instance and other reporting applications run by different users on different work stations:
Before actually generating auditing reports in any of the available formats, users can create previews of their reports, as per current configuration, and examine them on the spot, and fine tune filters to ensure they generate focused and high quality reports:
For users that need to be alerted on specific events in SQL Server, ApexSQL Audit provides functionality to create and configure alerts as per the specific requirements. In addition, general system alerts are already built-in ApexSQL Audit to alert them on important events regarding general ApexSQL Audit processes:
When configuring alerts, users can choose exact information that will be included in alert notification, define severity and customize general alert options, as well as use complex conditions to define exact event to trigger the alert, similar to the advanced auditing filter:
For users that want to immediately be informed on specific auditing events, ApexSQL Audit provides feature that allows users to configure alerts in such a way that ApexSQL Audit will send an email (via SMTP) to specific addresses, that will include full alert information:
To easier send emails to different user groups, users can create different recipient lists in ApexSQL Audit and add different addresses to the email alerts:
Once an alert is raised in ApexSQL Audit, it is stored in the central repository database, and all raised alerts can be inspected in the “Alert history” form, where they can be inspected, resolved or deleted:
ApexSQL Audit central repository database is tamper-evident database, which means that any change in the database made by any source different to ApexSQL Audit will be marked as possible tampering. To check the integrity of current repository database or previously created archive, users can run ‘Integrity check’ and receive report on any possible integrity breaches:
Archived databases can be used as data sources for reporting. While users can take them offline from SQL Server, once the need to generate reports from those archives comes, users can simply bring them online and then add them as data sources from the ApexSQL Audit options dialog, reporting tab:
To change application theme, or setup update options, users should check Options ‘General’ tab:
Users can check number of used and available licenses as well as see application version and check license agreement through “About” form:
April 11, 2017
