apexsql使用方法

This is the last article, but not least, in the SQL Server Audit series. In this series (see TOC at the bottom), we explained deeply the concept of the SQL Server Audit, why it becomes mandatory for each company to have a SQL Server Audit solution to track and log the different types of events at both the SQL Server instance and database levels. We also went through and compare the different methods that can be used to audit the SQL Server instances and databases.

这是SQL Server审计系列的最后一篇文章，但并非最不重要。 在本系列文章中（请参阅底部的目录 ），我们深入解释了SQL Server审核的概念，为什么每个公司都必须拥有SQL Server审核解决方案来跟踪和记录两个SQL Server上不同类型的事件，这是强制性的实例和数据库级别。 我们还仔细研究并比较了可用于审核SQL Server实例和数据库的不同方法。

In this article, we will discuss how to easily audit your SQL Server instances and databases using ApexSQL Audit tool. ApexSQL Audit is a SQL Server audit tool that uses extended events and profiler traces, depending on the SQL Server version to track and log audit changes

在本文中，我们将讨论如何使用ApexSQL审核工具轻松审核SQL Server实例和数据库。 ApexSQL Audit是一个SQL Server审核工具 ，它使用扩展事件和事件探查器跟踪，具体取决于SQL Server版本来跟踪和记录审核更改

ApexSQL审核概述 (ApexSQL Audit Overview)

SQL Server provides us with a number of features, that can be used to audit the different aspects of the SQL Server instance. Some of these features allow us to audit specific events at the database level and other methods allow us to audit events at both the SQL Server instance and the database levels. But as discussed deeply in the previous articles of this series, each one of these methods has specific limitations, that makes it harder to consider it as a complete SQL Server Audit solution.

SQL Server为我们提供了许多功能，可用于审核SQL Server实例的不同方面。 其中一些功能允许我们在数据库级别审核特定事件，而其他方法则允许我们在SQL Server实例和数据库级别审核事件。 但是，如本系列前几篇文章中深入讨论的那样，这些方法中的每一种都有特定的局限性，因此很难将其视为完整SQL Server Audit解决方案。

ApexSQL Audit is a comprehensive SQL Server Audit solution that can be used to track and log the different types of actions performed at both the SQL Server instance and the database levels, in a way that overcomes all the limitations of the other features.

ApexSQL Audit是一个全面SQL Server Audit解决方案，可用于克服SQL Server实例和数据库级别上执行的各种不同类型的操作，从而克服了其他功能的所有局限性。

ApexSQL Audit can be easily installed to your server and automatically deployed to all machines that will be audited without the need for any manual installation from the user side. After installing it, ApexSQL Audit provides us with the ability to use the existing auditing templates to make sure that all your SQL Server instances and database meet these compliance standards. You can also customize the existing templates to meet your company requirements or simply create your own template and apply it to your SQL Servers and databases with a single click.

ApexSQL Audit可以轻松安装到您的服务器，并自动部署到将要审核的所有计算机，而无需用户进行任何手动安装。 安装后，ApexSQL审核使我们能够使用现有审核模板来确保您的所有SQL Server实例和数据库均符合这些合规性标准。 您还可以自定义现有模板以满足公司的要求，或者只需创建您自己的模板，然后单击即可将其应用于SQL Server和数据库。

With a large number of customizable filters, ApexSQL Audit allows you to track only what you want to audit at the deepest possible level. You can track the actions performed by a specific SQL Server login on a specific database object from a specific host while running a specific application. Again, all these configurations can be performed in a minute, as we will see later in this article. You can track each user from the time he logged in to the SQL Server instance till he finished and logged out from the system, with the ability to audit the data changes from the insert, update and delete operations and compare the values changing.

借助大量可自定义的过滤器，ApexSQL审核允许您仅跟踪要审核的内容。 您可以在运行特定应用程序时，从特定主机跟踪特定SQL Server登录名对特定数据库对象执行的操作。 同样，所有这些配置都可以在一分钟内完成，正如我们将在本文后面看到的那样。 您可以跟踪每个用户从其登录到SQL Server实例到完成并从系统注销之前的时间，并能够审核插入，更新和删除操作中的数据更改，并比较更改的值。

In order to review the captured information, ApexSQL Audit provides you with a library of built-in reports that you can run or create your own custom reports from these existing reports, with the ability to schedule these reports based on your requirements. All these auditing and reporting operations will be performed with the minimal impact on performance on the audited SQL Server instances and on the central repository server. You can also get notified, in real time, using existing alerts or your own custom alters, when an important event occurs on the audited SQL Servers, with the ability to log these alerts to the windows event log or send it via email.

为了查看捕获的信息，ApexSQL Audit为您提供了一个内置报告库，您可以运行这些报告或从这些现有报告创建您自己的自定义报告，并能够根据您的需求计划这些报告。 所有这些审核和报告操作都将在对审核SQL Server实例和中央存储库服务器的性能影响最小的情况下进行。 当在经审核SQL Server上发生重要事件时，您还可以使用现有警报或您自己的自定义更改实时获得通知，并能够将这些警报记录到Windows事件日志或通过电子邮件发送。

• Note: Check ApexSQL Audit main features overview for more information.
• 注意： 有关更多信息， 请 查看ApexSQL Audit主要功能概述 。

ApexSQL审核安装 (ApexSQL Audit Installation)

Before installing ApexSQL Audit to your server, you need to download it from the ApexSQL Download Center then run the installation media file on the server with administrator permissions. When the installation wizard initiated, you will be requested to choose from three main options:

在将ApexSQL Audit安装到服务器之前，您需要从ApexSQL下载中心下载它，然后在具有管理员权限的服务器上运行安装媒体文件。 启动安装向导后，将要求您从三个主要选项中进行选择：

• ApexSQL Audit Main Application: that includes installing both the GUI and the Central repository database for SQL Server Audit purposes ApexSQL Audit主应用程序 ：包括安装GUI和中央存储库数据库以进行SQL Server审核
• ApexSQL Audit Main GUI: that is used to configure SQL Server instances auditing with the different auditing filters, create new alerts and manage existing ones, create and schedule reports, checking the auditing instances status information, and performing the different maintenance tasks ApexSQL Audit Main GUI ：用于使用不同的审核筛选器配置SQL Server实例审核，创建新警报并管理现有警报，创建和计划报告，检查审核实例状态信息以及执行不同的维护任务
• Server-side Components: A Windows service that allows auditing of SQL Server instances remotely via the ApexSQL Audit main application. See how to 服务器端组件 ：一种Windows服务，允许通过ApexSQL Audit主应用程序远程审核SQL Server实例。 了解如何Audit remote instance 审核远程实例

Choosing to install the first option, you will be prompted to specify where the central repository database will be hosted, administrative username and password to connect to the selected SQL Server instance and a temporary files location for the repository files, as shown below:

选择安装第一个选项时，系统将提示您指定中央存储库数据库的托管位置，连接到所选SQL Server实例的管理用户名和密码以及存储库文件的临时文件位置，如下所示：

The central repository database is used by ApexSQL Audit to keep all configuration information and audited data for all audited SQL Server instances, both local and remote, with the ability to archive the repository database at any point, by creating an archived database to be used also as data source for the reports, to preserve the disk space or for safe keeping. For security purposes, the SQL Server Audit repository database will be protected using a tamper-evident design that provides complete insight into any potential tampering with both configuration and auditing information stored in that database.

ApexSQL Audit使用中央存储库数据库来保留所有已审计SQL Server实例（本地和远程）的所有配置信息和已审计数据，并能够通过创建要使用的已归档数据库随时归档存储库数据库。作为报告的数据源，以保留磁盘空间或安全保存。 为了安全起见，将使用防篡改设计保护SQL Server审核存储库数据库，该设计可提供对存储在该数据库中的配置和审核信息的任何潜在篡改的完整了解。

• Note: Check the ApexSQL Audit installation terms, definitions, and network topography for more information.
• 注意： 有关更多信息， 请 检查ApexSQL Audit安装条款，定义和网络拓扑 。

After completing the installation process successfully, ApexSQL Audit installation wizard will notify you and provide you with an option to run the tool directly, as shown below:

成功完成安装过程后，ApexSQL Audit安装向导将通知您并为您提供直接运行该工具的选项，如下所示：

添加新服务器 (Add New Server)

The first window that will be shown when you run ApexSQL Audit is the Status page, that summarizes the general status for the ApexSQL Audit components and the server where these components installed:

运行“ ApexSQL审核”时将显示的第一个窗口是“状态”页面，该页面汇总了“ ApexSQL Audit”组件和安装这些组件的服务器的常规状态：

In order to track the SQL Server Audit actions that are performed on a specific SQL Server instance, the required ApexSQL Audit components should be installed to that server. To install the ApexSQL Audit components on the SQL Server to be audited, click on the Configure button under the Home functions menu, as shown below:

为了跟踪在特定SQL Server实例上执行SQL Server审核操作，应将必需的ApexSQL Audit组件安装到该服务器。 要在要审核SQL Server上安装ApexSQL Audit组件，请单击“主页”功能菜单下的“ 配置”按钮，如下所示：

From the Server Explorer, click on the Add Server button and provide the name of the SQL Server instance, as below:

在服务器资源管理器中，单击“ 添加服务器”按钮，然后提供SQL Server实例的名称，如下所示：

When clicking on the Add button, you will be asked to provide administrator credentials to connect to the SQL Server instance to be tracked and install all required components. You will be also asked to specify the location for the ApexSQL Audit temporary files and the timeout settings when connecting to the SQL Server instance, as shown below:

单击“ 添加”按钮时，将要求您提供管理员凭据以连接到要跟踪SQL Server实例并安装所有必需的组件。 连接到SQL Server实例时，还将要求您指定ApexSQL Audit临时文件的位置和超时设置，如下所示：

If the provided credentials and information are valid, the ApexSQL Audit agent components will be installed to the added SQL Server, with a progress bar showing the agent installation status, as follows:

如果提供的凭据和信息有效，则ApexSQL Audit代理程序组件将安装到添加SQL Server中，并带有显示代理程序安装状态的进度条，如下所示：

Once the ApexSQL Audit agent components installed successfully to the SQL Server, the server name will be shown in the SQL Server instances list under the Server Explorer, as below:

将ApexSQL Audit代理组件成功安装到SQL Server之后，服务器名称将显示在Server Explorer下SQL Server实例列表中，如下所示：

添加数据库 (Add Databases)

After adding a new SQL Server instance, an option to add databases for auditing purposes under that server will be displayed. If you click on the Add Database option under the Server Explorer, a list of all databases available under the selected instance will be displayed. Select the databases that you plan to perform a SQL Server Audit on it then click on the Add button, as shown below:

添加新SQL Server实例后，将显示用于在该服务器下添加数据库以进行审核的选项。 如果单击服务器资源管理器下的“ 添加数据库”选项，将显示所选实例下所有可用数据库的列表。 选择要对其执行SQL Server审核的数据库，然后单击“ 添加”按钮，如下所示：

And the selected databases will be shown as a list under the SQL Server name, with the ability to add more databases or remove the database from the same Server explorer. You can also stop auditing the selected SQL Server, edit the SQL Server information or completely remove that SQL Server from the audit list, as shown below:

所选数据库将显示为SQL Server名称下的列表，并能够添加更多数据库或从同一Server资源管理器中删除数据库。 您还可以停止审核所选SQL Server，编辑SQL Server信息或从审核列表中完全删除该SQL Server，如下所示：

审核SQL Server实例级别的操作 (Audit SQL Server Instance Level Actions)

ApexSQL Audit provides us with a wide range of actions that can be tracked at the SQL Server instance level. To achieve that, select the SQL Server that you manage to audit, click on the Configure button, under the Home menu, and a list of all types of server-level actions will be displayed. You need to select the group of actions that you are interested to audit and optionally the list of applications and logins to be audited. After customizing your SQL Server Audit solution, click on the Apply button to save these changes then review the selected SQL Server Audit actions in the action’s summary window, as shown below:

ApexSQL Audit为我们提供了可以在SQL Server实例级别进行跟踪的各种操作。 为此，请选择要管理SQL Server，单击“主页”菜单下的“ 配置”按钮，然后将显示所有类型的服务器级操作的列表。 您需要选择要审核的一组操作，还可以选择要审核的应用程序和登录名列表。 自定义您SQL Server审核解决方案后，单击“ 应用”按钮以保存这些更改，然后在操作的“摘要”窗口中查看选定SQL Server审核操作，如下所示：

To check if there are actioned captured by the ApexSQL Audit from that server, go back to the Status window and you will see the number of actions that are performed and captured on the selected SQL Server instance, under the Operations Overview below:

要检查ApexSQL Audit是否从该服务器捕获了操作，请返回到“状态”窗口，您将在下面的“ 操作概述”下看到在所选SQL Server实例上执行和捕获的操作数 ：

To review the captured actions, click on the Reports button, under the Home menu. From the displayed report configuration window, draw your report by specifying the source, criteria and types of the captured information that you are interested in, includes, the source server, database, login, action type…etc, with the ability to specify the list of columns that you need to view and the time range for that report as below:

要查看捕获的操作，请单击“主页”菜单下的“ 报告”按钮。 在显示的报告配置窗口中，通过指定感兴趣的捕获信息的来源，标准和类型（包括源服务器，数据库，登录名，操作类型等）来绘制报告，并可以指定列表您需要查看的列数以及该报告的时间范围如下：

After drawing your criteria, review your SQL Server Audit filter selections from the Report Summary window then click Preview button to display the capture information, based on your filtration or Save button to keep the selected criteria for future use:

绘制条件后，请从“ 报告摘要”窗口中查看“ SQL Server审核”过滤器选择，然后单击“ 预览”按钮以显示基于过滤的捕获信息，或单击“ 保存”按钮以保留选定的条件供将来使用：

审核SQL Server数据库级操作 (Audit SQL Server Database Level Actions)

ApexSQL Audit provides us also with a wide range of actions that can be tracked and audited at the SQL Server database level. To audit a specific SQL Server database, choose that database from the databases list under the Server Explorer, click on the Configure button, select the group of actions that you are interested in auditing, includes DML, DDL, Execute and SELECT operations, review your choices in the Summary section then click on the Apply button to save the changes, as shown below:

ApexSQL Audit还为我们提供了可以在SQL Server数据库级别进行跟踪和审核的各种操作。 要审核特定SQL Server数据库，请从服务器资源管理器下的数据库列表中选择该数据库，单击“ 配置”按钮，选择您要审核的一组操作，包括DML，DDL，执行和SELECT操作，然后查看“ 摘要”部分中的选择，然后单击“ 应用”按钮以保存更改，如下所示：

You can also expand your selection by specifying the group of SQL Server Audit actions to be audited per each table. Select your database, click on the All button, then under the Objects section, click Include to specify the list of tables to audit or Exclude to specify the list of tables not to audit. After specifying the tables list, review the choices under the Summary section then click on the Apply button to save your changes, as below:

您还可以通过指定每个表要审核SQL Server审核操作的组来扩展选择。 选择数据库，单击“ 全部”按钮，然后在“ 对象”部分下，单击“ 包括”以指定要审核的表的列表，或单击“ 排除”以指定不审核的表的列表。 指定表列表后，查看“摘要”部分下的选择，然后单击“ 应用”按钮以保存更改，如下所示：

To review the actions that are captured by ApexSQL Audit based on the configured Audit criteria, click on the Reports button, under the Home menu. From the displayed report configuration window, configure your report by specifying the criteria of the captured information that you are interested to display, includes, the source server, database, login, action type…etc, with the ability to specify the list of columns that you need to view and the time range for that report. After configuring the report selection, review your choices under the Report Summary section then click Preview to display the data or Save to keep the report for future use, as shown below:

要查看ApexSQL Audit根据配置的审核条件捕获的操作，请单击“主页”菜单下的“ 报告”按钮。 在显示的报告配置窗口中，通过指定要显示的捕获信息的条件（包括源服务器，数据库，登录名，操作类型等）来配置报告，并可以指定要显示的列的列表。您需要查看该报告的时间范围。 配置报告选择后，在“ 报告摘要”部分下查看您的选择，然后单击“ 预览”以显示数据或单击“ 保存”以保留报告以备将来使用，如下所示：

出口审核结果 (Export Audit Result)

ApexSQL Audit allows us also to export the audit data to different files formats, including PDF, Word, Excel and CSV formats. To achieve that, configure a new report or open an existing report then click on the Generate button and choose from the available files’ formats. In a few seconds, you will see that the generated file will be saved automatically to the ApexSQL Audit folder, and a link to open that file directly will be provided, as shown below:

ApexSQL Audit还允许我们将审核数据导出为不同的文件格式，包括PDF，Word，Excel和CSV格式。 为此，请配置新报告或打开现有报告，然后单击“ 生成”按钮，然后从可用文件的格式中进行选择。 几秒钟后，您将看到生成的文件将自动保存到ApexSQL Audit文件夹，并提供直接打开该文件的链接，如下所示：

We reached the last article in the SQL Server Audit series. Hope you enjoyed it. Stay tuned for my next articles series ?

我们到达了SQL Server审计系列的最后一篇文章。 希望你喜欢。 请继续关注我的下一篇文章系列？

目录 (Table of contents)

SQL Server Audit Overview

Implementing a manual SQL Server Audit

Creating a SQL Server audit using SQL Server Extended Events and Triggers

Auditing by Reading the SQL Server Transaction Log

Change Data Capture for auditing SQL Server

Creating a SQL Server audit using SQL Server Change Tracking

SQL Server Audit Feature Components

Using the SQL Server Audit Feature to Audit Different Actions

Performing a SQL Server Audit using System-Versioned Temporal Tables

Perform a SQL Server Audit using ApexSQL Audit

SQL Server Auditing Best Practices

SQL Server审核概述

实施手动SQL Server审核

使用SQL Server扩展事件和触发器创建SQL Server审核

通过读取SQL Server事务日志进行审核

更改数据捕获以审核SQL Server

使用SQL Server更改跟踪创建SQL Server审核

SQL Server审核功能组件

使用SQL Server审核功能来审核不同的操作

使用系统版本的临时表执行SQL Server审核

使用ApexSQL审核执行SQL Server审核

SQL Server审核最佳做法

翻译自: https://www.sqlshack.com/perform-a-sql-server-audit-using-apexsql-audit/

apexsql使用方法