I want to track inserts updates and deletes on a number of tables. What I currently have is
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT ON OBJECT::[dbo].[SomeTable] BY [SomeUser]),
ADD (UPDATE ON OBJECT::[dbo].[SomeTable] BY [SomeUser]),
ADD (DELETE ON OBJECT::[dbo].[SomeTable] BY [SomeUser]),
... More Tables ..
WITH (STATE = ON);
Is there a set of Principals that would equate to "Any User" that I can use instead of the 'SomeUser' in my script?
You can use the public group
eg:
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT ON OBJECT::[dbo].[SomeTable] BY [public])
...
or any other group that all your users belong to.
You can also group the events you want to audit,
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT, UPDATE, DELETE ON OBJECT::[dbo].[SomeTable] BY [public])
...
If you want to audit all the tables you can use the database object
ALTER DATABASE AUDIT SPECIFICATION [mySpec]
ADD (INSERT, UPDATE, DELETE ON DATABASE::databasename BY [public])
...