SQL Server Auditing is useful for auditing the usage of your database operations.
We’ve got quite a bit of new features and enhancements in SQL Server 2012.
First, server level auditing is now available in all SQL Server 2012 editions. Database level auditing is available only in Enterprise, Developer and the Evaluation editions.
SQL Server Auditing is more resistant to auditing destination failures and can recover in most cases after the destination reappears as available.
Together with the recovery enhancement we can define the Audit to fail operations in case of failure to log it, or just ignore it (continue) and the shutdown options we got on earlier versions.
The audit log will record additional T-SQL stack frame information when available, this may help determine if an object was accessed directly or through a stored procedure.
We can filter audit information before it is written into the audit target by specifying WHERE clause in the audit definitions.
New file option determines maximum number of audit files, in order to prevent possible audit record lost due to rollover.
We need to be careful with this option because once the limit is reached, a new operation that require auditing will fail.
We got new audit groups for contained databases, new stored procedure – sp_audit_write, and new columns in audit related views and functions.
SQL Server Auditing is a powerful tool that easily can help database administrators and security teams to comply with organization and industry standards.