| Author | Garry Bargsley (@gbargsley), blog.garrybargsley.com |
| Availability | Windows, Linux, macOS |
Want to see the source code for this command? Check out Get-DbaInstanceAudit on GitHub.
Want to see the Bill Of Health for this command? Check out Get-DbaInstanceAudit.
Retrieves SQL Server audit objects from instance-level security auditing configurations.
Retrieves all configured SQL Server audit objects at the instance level, which define where security audit events are stored and how they're managed. These audits capture login attempts, permission changes, and other security-related activities across the entire SQL Server instance. The function returns detailed information including audit file paths, size limits, rollover settings, and current status, helping DBAs monitor compliance and troubleshoot security configurations without manually querying system views.
Get-DbaInstanceAudit
[-SqlInstance] <DbaInstanceParameter[]>
[[-SqlCredential] <PSCredential>]
[[-Audit] <String[]>]
[[-ExcludeAudit] <String[]>]
[-EnableException]
[<CommonParameters>]
PS C:\> Get-DbaInstanceAudit -SqlInstance localhost
Returns all Security Audits on the local default SQL Server instance
PS C:\> Get-DbaInstanceAudit -SqlInstance localhost, sql2016
Returns all Security Audits for the local and sql2016 SQL Server instances
The target SQL Server instance or instances. This can be a collection and receive pipeline input to allow the function
to be executed against multiple SQL Server instances.
| Alias | |
| Required | True |
| Pipeline | true (ByValue) |
| Default Value |
Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential).
Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported.
For MFA support, please use Connect-DbaInstance.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
Specifies which audit objects to retrieve by name. Accepts multiple audit names to return only those specific audits.
Use this when you need to check configuration or status for particular audits instead of retrieving all instance-level audits.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
Specifies which audit objects to exclude from results by name. Accepts multiple audit names to filter out unwanted audits.
Use this when you want to retrieve most audits but skip specific ones, such as excluding test or temporary audits from compliance reports.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value |
By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message.
This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting.
Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.
| Alias | |
| Required | False |
| Pipeline | false |
| Default Value | False |