I am wanting to know if anyone is aware if there is an Extended Event I could utilize to detect if a SQL server/database audit definition has been altered, created, deleted, etc. Currently I am utilizing SQL server/database audits, but am being introduced to Extended Events.
A lot of what I'm googling is related to XE vs. SQL Audits. Not so much on how to use XE to monitor SQL audits.
Looking for a way to "Audit my Audits".
Thank you.
Any Audit will track its own starts and stops under the Audit Session Changed (AUSC) event. I created an Audit on my local instance and merely enabled/disabled it and then ran the following query:
Here's what I see: