What’s next in ApexSQL Audit

What’s current in ApexSQL Audit

ApexSQL Audit 2014.04 has been released. This version brings highly anticipated support for SQL Server clusters. ApexSQL Audit now correctly identifies and performs audit of clustered SQL Server instances.

Auditing resumes correctly after a cluster node failover. Reports show the node name and allow filtering by it.

ApexSQL Audit 2014.05

With ApexSQL Audit 2014.5 we plan to bring two ultimate features for any compliance tool:

  • Sensitive columns
  • Advanced filter

We’ll also add the support for custom local reports, statistical reports, filtering by login and application name for simple filter and data integrity check for archived databases.

Sensitive columns

We’ll enable easy selection of columns that are important for auditing, and provide an easy way for user to be alerted if selected columns are accessed.

Advanced filter

With Advanced filter we plan to leverage the power of the new engine. We plan to build an advanced UI that will enable easy setup of any condition with arbitrary number of complexity and granularity. It will be also much easier to configure the large SQL Server sets with many live databases that should be audited. It will be the truly ultimate feature for compliance tool.

Custom local reports

We already support custom report creation in our web reports, now we’re bringing this useful feature to local reports.

Statistical reports

We plan to lay down the foundation of statistical reports in this release. These reports would show various statistics on captured data, for example how many times has some operation occurred during the selected time-span.

Filtering by login and application name in simple filter

Our customers have asked for more detailed filtering on login and application name so they could reduce the amount of data captured. While this sort of need can be addressed with the new advanced filter, we decided to add the most wanted fields like login and application name to simple filter too.

Data integrity check for archived databases

Currently ApexSQL Audit does not support easy integrity check on archived databases. We plan to address that in 2014.05 release by introducing required UI tools.

ApexSQL Audit 2015.01

In the fourth upcoming release, it’s all about making ApexSQL Audit the ultimate SQL Server compliance auditing tool. With previous releases we focused on fixing issues and providing new features such as alerts and SQL Server cluster support. For this release, we don’t plan any big, complex features, but want to provide multiple little features that make SQL Server auditing and compliance easier.

Configuration templates

This feature will provide an option to setup configuration templates for various compliance regulations (Basel II, HIPAA, PCI, FERPA, GLBA, SOX, etc.).

Advanced alert filter

We’ll unify GUI experience by providing advanced filtering during alert creation.

Command line interface

Currently, there are several processes than can be used to perform various tasks, such as: data integrity check, archiving, alerts creation, configuration change and adding/removing servers. These operations can be used only by using ApexSQL Audit main applicationUI. In order to open ApexSQL Audit for automatization – Command Line Interface (CLI) support will be added to automatize these processes.

System status

This is one of the features requested by our customers. We want to show various internal ApexSQL Audit states, such as:

  • Health information – helps the user resolve common issues encountered by various ApexSQL Audit modules (service is down, no connection to remote server, disk is full, etc.)
  • View statistical information – a graph and table with the number of audited DDL, DML, security, and other events
  • View recent system events – information about performed integrity checks, archiving, package loading, errors, etc.
  • View recent system changes – auditing and alerting configuration changes, addition or removal of audited instances
  • View system log – displays all logs information from all ApexSQL Audit modules (central and audited instances)

Rename the central repository database

Some companies are constrained by company standards where name conventions have to be used for databases names. ApexSQL Audit uses a fixed name for central repository database named ApexSQLCrd. Any attempt to change this name by a user will stop ApexSQL Audit to function properly. In ApexSQL Audit 2014.03, this option will be allowed via system options.

Context help

Forcing the user to read help is considered to be a bad design. In ApexSQL Audit, we are trying to make the application as intuitive as possible, we don’t want to explain users where to click or what to type, we want it to be obvious, but this is sometimes difficult, because there are many conditions and constraints that are not immediately obvious. In order to make these conditions and constraints obvious and explicit, we would introduce contextual help. This will not force the user to leave the current context, help will be shown in the current context without creating any noise or making the user confused. One of the examples of this contextual help is shown in the Alert wizard dialog:

ApexSQL Audit 2015.02

Before-after data filtering, reporting and alerting

One of highly desired requests by our customers is ability to see what was the value of particular column before and after the query was performed. In ApexSQL Audit 2015.02 we plan to bring you this feature that will include reports for previewing before-after data and data alerts on specific before-after values.

Alerts on historical data (aggregated alerts)

We’ll give our users a way to create alerts based on historical data collected in central repository database. This way they can be informed when some particular data needs their attention (for example number of failed logins during the last 24 hours is over the limit).

Additional system status alerts

As we implement system status in 2015.01 we’ll add more default system alerts so that user can be informed if ApexSQL Audit has encountered problem with any of its subsystems. First such alert will be the one that will perform alerting actions when one of ApexSQL Audit instances is not reachable.

Alert rule preview

With a huge list of alerting rules defined it is not easy to quickly conclude what a particular one does. We’ll add an alert rule preview to main GUI to quickly browse through defined alerts.

Additional alert actions

We plan to add support for logging an event log entry, executing external application, and maybe more, depending on user feedback.

Alerting options

We’ll introduce alerting options tab to set the most important alerting settings like e-mail account, recipient addresses and thresholds.

We want your feedback

All of the above isn’t written in stone. It’s 100% based on customer feedback and we want it to stay that way. We’re thankful to all our customers who give us honest feedback, and we plan to award their trust with the quality of future releases. Help us make ApexSQL Audit better!

August 20, 2014