Skip to content

Enable Failed Login Auditing


Microsoft SQL Server has four settings for login auditing:

1) None (not recommended) 2) Login failure (minimum for this rule) 3) Login success (not recommended) 4) Both login success and failure (Best practice)


Login failure auditing is required by many compliance standards, and is needed to detect password guessing attempts.

Applies To

  • Databases


This rule is applied when the following tags are present:

Tag With Value
secureclouddb/provider aws
secureclouddb/service rds
secureclouddb/engine sqlserver

Default Rule

const { checkServerSetting } = module
 * @param {Object} databaseSettings - database settings object
 * @returns {boolean} true if 'login auditing' is set to failed logins
function validate(databaseSettings) {
    const success = checkServerSetting(databaseSettings, 'audit level', "failure")

    return {