I heard Microsoft Stream Insight is powerful and is capable of handling 5k events per seconds. We have sensitive data in SQL Server database. We have enabled SQL Audit Log. A function sys.fn_get_audit_file('auditlogfile') will show all the content of audit log file. I have seen some examples in internet where StreamInsight only reads historical data in CSV format or where some simulated event is generated. How can I use StreamInsight to monitor sql audit log forever and store the captured logs in SQL Server table. I can do it with pure C#.NET or SSIS but our manager is so impressed with StreamInsight that he wants it implemented so badly.
It's been a few years since I've used StreamInsight so I may be a bit rusty.
If you are going to use StreamInsight, you, the developer, are on the hook for creating any needed input and output adapters. For your situation, you will need to find a mechanism for reading/parsing the audit log into custom events (IObservable). On the output side of things, you will need to create an output adapter (IObserver) that will write the data to the desired SQL table. I've written a generic SQL output adapter in the past and it is not terribly difficult.
On another note, there is a max size for an event in StreamInsight and it is 16kb.
I hope that helps.