I heard Microsoft Stream Insight is powerful and is capable of handling 5k events per second. We have sensitive data in a SQL Server database. We have enabled SQL Audit Log. A function sys.fn_get_audit_file('auditlogfile') will show all the content of the audit log file. I have seen some examples on the internet where StreamInsight only reads historical data in CSV format or where some simulated event is generated. How can I use StreamInsight to monitor the SQL audit log forever and store the captured logs in a SQL Server table? I can do it with pure C#.NET or SSIS but our manager is so impressed with StreamInsight that he wants it implemented so badly.
How can I use Microsoft Stream Insight to monitor Audit Logs in SQL Server?
255 views Asked by Merin Nakarmi At
There are 1 answers
It's been a few years since I've used StreamInsight so I may be a bit rusty.
If you are going to use StreamInsight, you, the developer, are on the hook for creating any needed input and output adapters. For your situation, you will need to find a mechanism for reading/parsing the audit log into custom events (IObservable). On the output side of things, you will need to create an output adapter (IObserver) that will write the data to the desired SQL table. I've written a generic SQL output adapter in the past and it is not terribly difficult.
On another note, there is a max size for an event in StreamInsight and it is 16kb.
I hope that helps.
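An added example of the adapter pair the answer describes (not code from the answer or from StreamInsight): a plain .NET IObservable source that tails the audit log by a (file, offset) watermark so repeated polls neither skip nor re-deliver records, and an IObserver sink. The reader delegate, class names, sample rows and the 4000-character statement cap are assumptions; binding the pair into a StreamInsight query is not shown.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
// Constructed sample rows standing in for the output of sys.fn_get_audit_file.
var log = new List<AuditRow> {
    new(DateTime.UtcNow, "SL", "app_user", "SELECT * FROM dbo.Cards", "a1.sqlaudit", 1024),
    new(DateTime.UtcNow, "UP", "dba1", new string('x', 9000), "a1.sqlaudit", 2048) };
var source = new AuditLogSource((file, offset) => log.Where(r => r.Offset > offset));
var sink = new TableSink();
source.Subscribe(sink);
source.Poll();  // first poll delivers both rows
log.Add(new(DateTime.UtcNow, "DL", "app_user", "DELETE FROM dbo.Cards", "a1.sqlaudit", 4096));
source.Poll();  // second poll delivers only the row past the watermark
Console.WriteLine($"{sink.Rows.Count} rows, longest statement {sink.Rows.Max(r => r.Statement.Length)}");

record AuditRow(DateTime EventTime, string ActionId, string Principal, string Statement, string FileName, long Offset);

// Input side: each Poll() pushes only rows past the (file, offset) watermark.
sealed class AuditLogSource : IObservable<AuditRow>
{
    // Query a real reader would run; @file and @offset are NULL on the first poll.
    public const string Query = "SELECT event_time, action_id, server_principal_name, statement, " +
        "file_name, audit_file_offset FROM sys.fn_get_audit_file(@pattern, @file, @offset)";
    const int MaxChars = 4000; // assumed cap keeping one event under the 16 KB limit
    readonly Func<string, long, IEnumerable<AuditRow>> _read; // hypothetical reader
    readonly List<IObserver<AuditRow>> _sinks = new();
    string _file; long _offset = -1;
    public AuditLogSource(Func<string, long, IEnumerable<AuditRow>> read) => _read = read;
    public IDisposable Subscribe(IObserver<AuditRow> sink)
    { _sinks.Add(sink); return new Unsub { Undo = () => _sinks.Remove(sink) }; }
    public void Poll() // call on a timer for continuous monitoring
    {
        foreach (var row in _read(_file, _offset).ToList())
        {
            var text = row.Statement ?? "";
            if (text.Length > MaxChars) text = text.Substring(0, MaxChars);
            foreach (var s in _sinks.ToList()) s.OnNext(row with { Statement = text });
            (_file, _offset) = (row.FileName, row.Offset); // advance only after delivery
        }
    }
    sealed class Unsub : IDisposable { public Action Undo; public void Dispose() => Undo(); }
}
// Output side: a real adapter would INSERT each row into the target SQL table.
sealed class TableSink : IObserver<AuditRow>
{
    public List<AuditRow> Rows { get; } = new();
    public void OnNext(AuditRow row) => Rows.Add(row);
    public void OnError(Exception error) { }
    public void OnCompleted() { }
}
```

This compiles as a C# 9 or later console program; persisting the watermark alongside the target table lets the reader resume after a restart without a gap in the audit trail.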