Skip to main content
Skip table of contents

EVID 33205 : SQL Audit Event

Classification

Rule Name

Rule Type

Common Event

Classification

EVID 33205 : SQL Audit EventBase RuleObject OperationOther Audit Success
Table DeletedSub RuleObject Deleted/RemovedAccess Success
Server Role DroppedSub RuleUser Account DeletedAccount Deleted
Scalar Function ExecutedSub RuleCommand ExecutedAccess Success
Stored Procedure ExecutedSub RuleCommand ExecutedAccess Success
Synonym ExecutedSub RuleCommand ExecutedAccess Success
Security Policy ExecutedSub RuleCommand ExecutedAccess Success
Type ExecutedSub RuleCommand ExecutedAccess Success
Table InsertedSub RuleObject ModifiedAccess Success
Index LoginSub RuleLogin Or Logout Event ExecutedOther Audit
Index LogoutSub RuleSession ClosedOther Audit Success
Synonym SelectedSub RuleObject AccessedAccess Success
Function Scalar Object SelectedSub RuleObject AccessedAccess Success
Tablet SelectedSub RuleObject AccessedAccess Success
View SelectedSub RuleObject AccessedAccess Success
Table UpdatedSub RuleObject ModifiedAccess Success
Function Table-valued Object SelectedSub RuleObject AccessedAccess Success

Mapping with LogRhythm Schema  

Device Key in Log Message

LogRhythm Schema

Data Type

Name<vendorinfo>Text/String
Eventid<vmid>Number
Level<severity>Number
Computer<sname>Text/String
server_instance_name<dname>Text/String
server_principal_name<login>Text/String
target_server_principal_name<account>Text/String
session_id<session>Text/String
action_id<sessiontype>Text/String
database_name<object>Text/String
object name<objectname>Text/String
schema_name<group>Text/String
succeeded<result>Text/String
sequence_number<quantity>Number
action_id<tag1>Text/String
class_type<tag2>Text/String
database_principal_name<tag3>Text/String
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close