Setup Windows Audit - SQL-FineBuild/Common GitHub Wiki
| Previous Setup Power Configuration | Manual Install | Setup Firewall Port Exceptions Next |
|---|
FineBuild can set up the Windows Audit processing to improve security monitoring for SQL Server.
Security Compliance
Setup Windows Audit configuration helps to log use of sensitive facilities and securely log any violations. If you setup Security Compliance then Setup Windows Audit configuration will always be implemented.
Group Policy Management
The Setup Windows Audit configuration can be enforced by Group Policy Management.
FineBuild Windows Audit Processing
Automated configuration of Windows Audit relates to Process Id 1CE in the FineBuild1Preparation script, and is controlled by the parameter below:
| SQL Version | Parameter | FULL Build | WORKSTATION Build | CLIENT Build |
|---|---|---|---|---|
| SQL2019 | /SetupWinAudit: | Yes | No | Yes |
| SQL2017 | /SetupWinAudit: | Yes | No | Yes |
| SQL2016 | /SetupWinAudit: | Yes | No | Yes |
| SQL2014 | /SetupWinAudit: | Yes | No | Yes |
| SQL2012 | /SetupWinAudit: | Yes | No | Yes |
| SQL2008R2 | /SetupWinAudit: | Yes | No | Yes |
| SQL2008 | /SetupWinAudit: | Yes | No | Yes |
| SQL2005 | /SetupWinAudit: | Yes | No | Yes |
Setup of Windows Audit is not performed automatically for Workstation Build as this type of installation often has conflicting demands for audit requirements.
Manual Setup Windows Audit Processing
The following steps show what you would have to do to setup Windows Audit manually. FineBuild does all of this work for you automatically.
This processing should always be performed for a Server or Client Build, but may not be required for a Workstation build.
Windows Audit configuration can be performed either by using a GUI or by the command line. The examples below show both options.
GUI Configuration of Windows Audit
The example below shows how Windows Audit configuration be performed using a GUI
-
Select Settings -> Control Panel -> Administrative Tools -> Local Security Policy to open the Local Security Policy GUI
-
Navigate to Local Policy -> Audit Policy then set the values shown below:
Command Line configuration of Windows Audit
The example below shows how Windows Audit configuration be performed using the command line
- Run the following commands:
AUDITPOL /set /Category:"Account Logon" /success:enable /failure:enable
AUDITPOL /set /Category:"Account Management" /success:enable /failure:enable
AUDITPOL /set /Category:"DS Access" /success:enable /failure:enable
AUDITPOL /set /Category:"Logon/Logoff" /success:enable /failure:enable
AUDITPOL /set /Category:"Object Access" /success:enable /failure:enable
AUDITPOL /set /Category:"Policy Change" /success:enable
AUDITPOL /set /Category:"Privilege Use" /success:enable /failure:enable
AUDITPOL /set /Category:"Detailed Tracking" /success:disable /failure:disable
AUDITPOL /set /Category:"System" /success:enable
Copyright FineBuild Team © 2017 - 2018. License and Acknowledgements
| Previous Setup Power Configuration | Top | Setup Firewall Port Exceptions Next |
|---|