Andreas Wolter wants to focus in on specific database objects:
In this article I want to share a targeted approach to audit access to specific objects within a database in Microsoft SQL Server.
- In my last article, Evading Data Access Auditing in Microsoft SQL Server – and how to close the gaps, I showed multiple approaches to gain access to a chunk of sensitive data using the statistics object in SQL Server. The hardest one to capture is access to data that is exposed via the dynamic management function (DMF) dm_db_stats_histogram. This requires an additional Audit Specification in the master database for this system object. In the end we required 3 different Audit Action Groups to cover all the methods used to read data from our example table.
Read on to see what you can do as of SQL Server 2022.