SQL Audit DSC

1. #Set-TargetResource
2.  
3. # Avoid loading all of the sqlps module - this is faster and more stable
4. [void][reflection.assembly]::LoadWithPartialName("Microsoft.SqlServer.Smo")
5.  
6. if( $SQLInstance = "MSSQLSERVER" ) {
7.     $SQLInstance = ""
8. }
9.  
10. $server = New-Object Microsoft.SqlServer.Management.Smo.Server("$SQLServer\$SQLInstance")
11. $audit = $server.Audits | Where-Object -FilterScript  { $_.Name -match ( '^' + $AuditName + '$' ) }
12.  
13. if ( $audit -eq $null ){
14.     Write-Verbose -Message "Creating audit $AuditName."
15.     $audit = New-Object Microsoft.SqlServer.Management.Smo.Audit($server, $AuditName)
16.     $audit.DestinationType = [Microsoft.SqlServer.Management.Smo.AuditDestinationType]'ApplicationLog'
17.     $audit.QueueDelay = 1000
18.     $audit.OnFailure = [Microsoft.SqlServer.Management.Smo.OnFailureAction]'Continue'
19.     $audit.Guid = [guid]::NewGuid().Guid
20.     $audit.Create()
21.     $audit.Enable()
22. }
23.  
24. #If audit spec doesn't exist already, create it. If it exists but isn't mapped to the audit, maps it.
25. $auditSpec = $server.ServerAuditSpecifications | Where-Object -FilterScript { $_.Name -match ( '^' + $AuditSpecName + '$' ) }
26.  
27. if ( $auditSpec -eq $null ){
28.     Write-Verbose -Message "Creating server audit specification $AuditSpecName."
29.     $auditSpec = New-Object Microsoft.SqlServer.Management.Smo.ServerAuditSpecification($server, $AuditSpecName)
30.     $auditSpec.AuditName = $AuditName
31.     #Add actions to audit spec
32.     #TODO: Instead of iterating, use the AddAuditSpecificationDetail(ICollection<AuditSpecificationDetail>) method.
33.     foreach ( $action in $AuditActions ){
34.         $specDetail = New-Object Microsoft.SqlServer.Management.Smo.AuditSpecificationDetail([Microsoft.SqlServer.Management.Smo.AuditActionType]$action)
35.         $auditSpec.AddAuditSpecificationDetail($specDetail)
36.     }
37.     $auditSpec.Create()
38.     $auditSpec.Enable()
39. } elseif ( $audit.EnumServerAuditSpecification() -notmatch ( '^' + $AuditSpecName + '$' ) ){
40.     Write-Verbose -Message "Attaching server audit specification $AuditSpecName to audit $AuditName."
41.     $auditSpec.AuditName = $AuditName
42.     $auditSpec.Alter()
43.     $auditSpec.Enable()
44. }
45.  
46. #If the specs don't match $AuditActions, wipe the specs and replace them.
47. $auditSpecActions = $auditSpec.EnumAuditSpecificationDetails().Action | ForEach-Object -Process { $_.ToString() }
48.  
49. if ( Compare-Object -ReferenceObject ($AuditActions | Sort-Object) -DifferenceObject ($auditSpecActions | Sort-Object) ){
50.     Write-Verbose -Message "Replacing details in server audit specification $AuditSpecName with those specified."
51.     #TODO: Instead of iterating, use the RemoveAuditSpecificationDetail(ICollection<AuditSpecificationDetail>) method.
52.     foreach ( $action in $auditSpec.EnumAuditSpecificationDetails() ){
53.         $auditSpec.RemoveAuditSpecificationDetail($action)
54.     }
55.     #TODO: Instead of iterating, use the AddAuditSpecificationDetail(ICollection<AuditSpecificationDetail>) method.
56.     foreach ( $action in $AuditActions ){
57.         $specDetail = New-Object Microsoft.SqlServer.Management.Smo.AuditSpecificationDetail([Microsoft.SqlServer.Management.Smo.AuditActionType]$action)
58.         $auditSpec.AddAuditSpecificationDetail($specDetail)
59.     }
60.     $auditSpec.Alter()
61.     $auditSpec.Enable()
62. }