ApexSQL Audit release notes

Enhancements:

• Added configuration settings for extended sessions for auditing data collection management
• Detailed report metadata is now available in the report header in the export file
• Apply auditing configuration to multiple SQL Server instances and databases

Fixes:

• 178163: The Drop trigger event is shown twice in reports when using the Extended Events data collection method
• 182827: The Create trigger event is shown twice in reports when using the Trace data collection method
• 182828: The Alter trigger event is shown twice in reports when using the Trace data collection method
• 182829: The Drop trigger event is shown twice in reports when using the Trace data collection method
• 183534: Additional storage space is consumed during upgrade installation when structural changes are introduced into central repository database
• 186429: “Empty name is not legal” error is encountered, and application closes when the field for report name is left empty
• 186430: The e-mail recipient list is not shown in the summary info of the schedule archiving wizard
• 187123: The SQL Server connectivity monitor system alert performs SQL connection checks to the passive node in fail-over cluster environment
• 187166: The path for the central repository database file in the central instance setup dialogue always reverts to default when custom path is chosen
• 188362: Advanced filters for before-after auditing are not saved when landing to another tab immediately after applying configuration
• 188363: Sensitive column list in the configuration tab cannot be refreshed for the selected database when GUI is restarted
• 189137: Several filter parameters for generating reports are not saved in created profiles
• 189313: “Index was out of range. Must be non-negative and less than the size of the collection” error is encountered, and application closes when any schema is checked in the Include/Exclude database object view and the Group by schema and type option is turned ON
• 189314: Sensitive column search fails due to encountered timeout for databases with long queried views
• 187256: The date settings dialogue controls for the Date filter item is not visible in reporting Advanced filters when screen resolution is set to 4K
• 190569: Incorrect render of "new line" input for the SQL text query data in the report export
• 191554: The defined value for Text data filter item is not visible in advanced filters configuration
• 192447 The report export is not attached with the e-mail notification for scheduled reports when there are no events captured

Changes:

• The schedsule wizard now prompts for confirmation when closed before configuring
• The title bar for the application GUI title now includes the information about account that is running the GUI
• The database maintenance internal event report now shows filters used for archive data purging
• Databases in the Apply profile dialogue are now grouped per hosted server instance
• Sensitive columns list in the Sensitive data access alert configuration wizard now indicates SQL instance affiliation

Enhancements:

• Group Managed Service Accounts (gMSA) support for the auditing service deployment
• Column-level and sensitive data access auditing
• Automatically add new databases to the auditing configuration
• Detection of new SQL Server instances
• Custom columns can now be included in a before-after auditing trail
• Archiving status and results can be forwarded via e-mail notification
• Exported reports show the time range of the audit report
• New system alert for automatic database configuration update

Fixes:

• Auditing configuration is not deployed for Extended Events and SQL Audit when compliance template is used
• “Invalid activation code” message is shown when activating the product manually
• Extended events technology is not auditing Exec operation forwarded via “sp_statement” procedure call
• The application launcher icon is not created on Desktop when upgrading to 2020 versions
• The before-after report export is not structured according to the preview data grid
• Preview SQL text data is not displayed in the grid in specific cases
• "Saving configuration was not successful" error is encountered when named failover SQL instance is added for auditing
• Before-after auditing is not configurable for multiple databases sharing the same table name and schema on SQL Server 2017 and higher
• Alert notifications are not forwarded for operations when multiple SQL events are executed in the same transaction

Changes:

• Error handling and send logs functionality has been modified

Enhancements:

• The audited service no longer needs manual intervention when login authentication is unavailable at start-up

Fixes:

• Create trigger operations are logged twice when audited via Traces
• Data collection drop menu shows only “auto” option in a specific case
• Advance filters configuration does not display newly added objects in the configuration grid when objects from a specific group are added to the configuration
• Enable\Disable trigger operation is logged twice when audited via Traces
• Extended events configuration is incorrectly deployed in a case when the database configuration filter contains a single database object
• Before-after values are not exported in a report document when data is retrieved from archive data sources only

Enhancements:

• Configuration change system alert has been added
• Report exporting is up to 200% faster for all supported report formats
• Application telemetry now collects anonymous data on the use and performance of applications and application components
• New ApexSQL Updater allows users to configure advanced updating settings of all installed ApexSQL products

Fixes:

• Duplicate events are shown in the auditing report in specific case
• The 'Auditing stopped' internal event is not audited
• Schema and Object name are not audited for Bulk insert operation
• Schema and Object name are not audited for Create table insert operation
• Configuration changes are not applied when database objects are filtered with include/exclude in simple filters when SQL Audit auditing mechanism is used
• Auditing mechanism info is not shown in the status overview tab
• Internal events are not affected by the server filter
• Changes to the "Attach report to e-mail in .zip format" are not saved
• Extended events technology is not auditing SQL Statements forwarded form "exec sp_executesql @statement"
• The 'contains' filter criteria will not properly filter events if used in conjunction with "Login name" filter type
• The "Network connectivity" alert does not raise notification in a specific case
• DML operations are not audited in case when two compliance templates are merged
• The "Make new folder" button is not working when creating a location for Schedule Report output
• SQL text data is truncated when Create/Alter server trigger events are audited via Extended Events
• SQL text data is truncated when login failed events are audited via Extended Events
• Create/Drop login events are logged twice when audited via Extended Events
• Create table operations are logged twice when audited via Extended Events
• Alter service master key SQL statement is logged twice when audited via Extended Events
• Object name column is empty for close symmetric key SQL operation
• EXEC SQL statement is not audited via Extended Events
• Alter queue SQL statement is not audited via Extended Events or Traces auditing mechanisms
• Configuration cannot be applied when group by schema and type filter is used via Extended events or SQL Audit mechanisms
• Application is closed if the 'unknown' filter is used for client host
• Importing auditing configuration fails when Extended Events or SQL Audit auditing mechanisms are used
• Enable and Disable trigger operations are incorrectly logged as Alter trigger operation when using Extended Events
• Auditing configuration deployment fails due to NULL reference exception when SQL Server is renamed

Changes:

• Central instance configuration step has been moved to the beginning of the installation wizard

Fixes:

• Auditing configuration is not appliable when database objects are used as a filter condition via SQL Audit auditing technology
• Schedule task complete unsuccessfully in case there is no audit evidence based on reporting template filters
• Error validating assembly due to special characters are included in the assembly name
• "Saving configuration was not successful" in specific case on SQL 2012
• Extended events or SQL Audit based auditing will not run for databases including symbols
• Events are not being audited on SQL 2005 and SQL 2008
• Before/after values are shown as empty if part of columns is not audited via BA for update operations
• Audit login, Audit logout and Audit login failed events are not audited for SQL 2012 or lower
• Auditing events are not populated for login groups used as a filter condition
• Unhandled exception occurs while obtaining data from an empty SQL Audit file
• Before After sub-report in extracted file is empty in specific case
• EXEC operation audited via Extended Events is not parsed correctly

Fixes:

• The Support center button in the Resources tab references nonexistent Support page
• Insert and Delete SQL statements are not being audited via Extended Events

Enhancements:

• Support for SQL Server 2019

Fixes:

• Auditing configuration is incorrectly deployed for Extended Events technology via Advanced filters when login, database or application name conditions are used
• Data collecting technology is always set to auto for Failover Cluster instances in agent auditing properties
• Database and Login information is missing in the 'Audit login failed' event when data collection via SQL Audit is applied
• "Saving configuration was successful" is incorrectly shown even when before-after configuration was not applied
• Auditing configuration is incorrectly deployed for SQL Audit technology via Advanced filters when login, SQL text constrain filter or application name conditions are used
• Before-after triggers deployment fails due to NULL object reference in specific case

Enhancements:

• Extended Events can now be used as an auditing mechanism for SQL Server 2012 or higher
• SQL Audit can now be used as an auditing mechanism for SQL Server 2017 or higher
• Up to 200% smaller overhead when using SQL Auditing or Extended Events auditing technologies
• Up to 200% faster processing of audited data when using SQL Auditing or Extended Events auditing technologies
• SQL Text data is now customizable in auditing configuration on both server and database levels
• Dynamic date/time filters are now available in advanced filters as well
• MDF file location can now be customized in the Central Repository installer

Fixes:

• End of installation process will needlessly prompt Windows restart
• Report summary icons are not showing proper objects
• Report summary is missing information of the applied compliance standard
• System databases are not distinctively shown in browse database dialogs
• “No such host is known” message is shown when user initiates the send logs from GUI that is not connected to the central
• x86 SQL Server instances are not listed in the repository installer drop-menu
• "Group by" checkbox remains checked after ungroup is chosen in the report/schedule history
• Control buttons are missing in grid view header in Archiving history
• Operation overview status check enters infinite loop and affects GUI performance if there are no events on the selected SQL Server instance
• Central repository database is listed in the maintenance wizard controls
• Administrator credentials are not saved upon expanding the Advanced options in the Auditing agent properties dialog
• Account validation of remote GUI fails in case where Domain Controller machine does not share the same version of .NET runtime environment with the Central
• There is no control for MDF file configuration in the Central Repository installer
• Operation state is shown as “Failure” in case when "IN (x,y)" condition is used in SQL Query
• Loading packages from 2016 to 2018 product version fails
• Excluded database objects with similar name to included objects are shown in the reports
• "Trial period has ended" message is shown in the Status tab when the central machine is rebooted or when the application is updated, even though it was activated previously
• “Archiving failed” error is encountered when report scheduler that was used to generate report is deleted and full report schedule history still exists
• “Network connectivity monitor” built-in alert notifications are not being triggered when network connection with auditing instance is lost
• Archiving old database during the installation process fails in specific case
• Fixing server connection process crashes application in specific case
• ApexSQL Audit GUI will use all available CPU resources while refreshing the status without waiting for the ongoing refresh status process to complete
• The “Create login operation” state is always shown as “successful”
• DBCC operation is collected twice for same transaction in auditing trail
• Create/Drop statistics are incorrectly recognized as Alter table operation
• Save button is generating a report preview when list of columns is changed
• Operation "Drop sequence" is not being audited
• Operation "Create sequence" is not being audited
• The latest updated version is not stored in archive if upgrade process fails but has made an update on any newer version
• Global info is not updated in the status bar after product activation
• Default HIPAA and Basel II reporting templates ignores the time range filter configuration
• Default HIPAA and Basel II reporting templates always switch to advanced filter type when time-range is not set to "All days"
• Pre-defined reporting templates do not take custom time filter into account
• Archiving history list is using single page
• Internal events are not listed in the internal event type
• Weekly schedule always executes on Sundays
• Link for testing e-mail configuration is not presented as a hyperlink in 4k resolution

Changes:

• Software Transaction Agreement is added as a new step in the installation wizard and updated in accordance with https://www.quest.com/legal/sta.aspx

Enhancements:

• Repository archiving can now be scheduled
• Purge data from specific time range
• Split repository archives to multiple databases based on time and/or size
• Large reports are now automatically split into multiple files
• Scheduled report email information and details can now be customized
• Historical overview and details of scheduled report jobs are now available

Fixes:

• The Make new folder button is missing in the Browse for folder dialog during the installation
• Installation folder must be provided even if the previous tool version is detected and the upgrade process is initiated
• Saving report changes fails when only Internal events are included in the report
• Warning message is shown repeatedly when configuring alert conditions in case when any SQL Server instance is not connectable
• Information in the test summary for Cc and Bcc fields will overlap each other if multiple entries are added to the To, Cc, Bcc fields
• Total operations counter does not count in before-after events
• “Updating before-After configuration failed” error is encountered when updating before-after configuration on Windows Server 2019
• The application does not block adding the unsupported SQL Server versions to be configured for auditing with a misleading result due to the inability of starting such configurations
• Alerts are not being triggered for databases that belong to an availability group
• Before-after column filter does not filter out records for the tables that share the same column name with the tables that are filtered in
• The application closes when the value for "on day" reporting schedule settings is set to value greater than 31
• Search/find alerts will not include results which include appropriate value in the alert description
• Only “equal or greater than” operator is available in the SQL Script based alert condition
• "Folder browsing in remote client not supported. Write directory path from central instance manually" error is encountered when trying to browse for folder during the manual archiving wizard using remote client
• The Object type “table” is not available in the advanced filter configuration
• Remote SQL Server instances can be targeted when installing the Central Repository Database
• "An error occurred while processing request on central instance" error is encountered when generating excel reports which reach Excel 65.000 rows limitation
• If scheduled reports are empty they still get send to configured email recipients
• Email reports are always zipped
• Before-after auditing will show auditing values even in cases when execution of DML operations ended unsuccessfully in High Availability AlwaysOn environment
• It is not possible to copy/paste a login name when adding user
• Apply button is missing in the E-mail recipient list
• Reports are not showing data when state success/failure filters are used for internal events
• The "Add table" ribbon is not shown when server is highlighted in the server tree
• Alerts with the same name can be added using import/export alert
• Importing Advanced filter configuration fails in case when there is no previous configuration on the specific SQL Server instance
• “Object reference not set to an instance of an object” error is encountered when refreshing 'Add server' form
• Remote client users are not informed that the archiving process is in progress
• Two consecutive information messages are shown if archiving process fails
• Browse for folder dialog is not affected with theme selection
• Named failover cluster instances (FCI) are incorrectly recognized as passive
• It is not possible to copy/paste a password field in the agent auditing properties
• Exclude filter on database object does not exclude stored procedures
• “Package loading failed” error is encountered when updating application from version 2016 to 2018
• Scheduled report is not triggered on time after central instance converts to summer/winter time
• Multiple schedule executions are shown if the schedule includes multiple output formats
• Schedule log is missing info/column on execution success/fail and execution time
• Before-after auditing will not capture events when FIPS Windows feature is enabled
• Fixed permissions are not inherited for the users inside the defined AD group
• Fixed application mode (Administrator) is automatically assigned for the DC admins
• Archiving process info messages are not affected with theme selection
• Going back through the schedule wizard will show email config even if email send is disabled
• Application crashed in case of a backtrack from the second step to the first step in the schedule wizard
• Status overview does not retrieve data information for SQL Cluster instances
• Last operation in status overview displays IP address instead of SQL Server name for SQL Cluster instances
• Report schedule history is not refreshed after scheduled job is executed
• Application crashes with unhandled exception when switching from simple to advance filter type while an operation state is defined in simple filter
• "An error occurred while processing request on central instance" error is encountered when exporting before-after events to CSV format
• No data is shown in the before-after report if the "Object name is not xyz" condition is used
• Tampering with Schedule and ArchiveSchedule tables will not trigger integrity breach

Changes:

• The application now requires Microsoft .NET Framework 4.7.2
• Central repository now initially requires 1GB diskspace (down from 5GB)

Enhancements:

• A warning is now displayed in case when connection with an incompatible UI version to the central instance is initiated
• Package data is now encrypted

Fixes:

• "No events found" report results are shown if before/after value filter is used while pulling data from archive
• Table and column names are invisible in the before-after column filter in the reports
• "An error occurred while processing request on central instance" error is encountered when generating reports with large number of events
• CRD becomes unresponsive when multi GUI instances are running on the same machine and archiving is initiated
• Server and database objects are not displayed in advanced configuration filter when configuring Failover cluster instances
• Server and database objects are not displayed in advanced before-after configuration filter for Failover cluster instances
• Server list does not show audited SQL Server instances and databases if an audited database is not accessible
• Alerts history list is cleared if refresh or navigation buttons are used
• “Problem occurred on central instance” alert remains active in the status tab in case of database inactivity even after the triggered alert has been deleted
• Stopping the report exporting or preview generation processes incorrectly informs user that archiving process is in progress
• Incorrect number of alerts is shown when alerts are filtered by severity level
• Only first compliance configuration template is applied in case multiple compliance templates are used to overwrite existing configuration without applying templates in-between
• Retrieving auditing agent data does not retrieve previous information about client hostname when server is being edited
• Temporary files location does not point to the last configured location in the agent auditing properties window
• “Central repository inactivity” alert is shown as active even after the alert has been resolved
• Create/Alter trigger operations are not being audited
• "Saving configuration was not successful" error is encountered when adding specific tables for before-after auditing
• Expanding/collapsing tree view in the reports tab will trigger a configuration change and prompt to save/discard
• Application does not inform user on incorrect time-date filter setup if start time is greater than the end time in the reports
• Traces including before-after audited data are not being processed in case that they include special characters in the name like: “-“, “,” etc.
• "Error adding database(s)" error is encountered when adding databases for auditing in case a SQL Server instance which does not host chosen databases is selected in the server tree
• Server list does not show audited SQL Server instances and databases in case a table added for before-after auditing is renamed
• Server list does not show audited SQL Server instances and databases in case an audited database is deleted from SQL Server instance
• "Preview unsuccessful" is encountered when using more than 5 filters in the report when generating report preview
• A link to the output folder is missing in the schedule summary
• Application UI freezes and indefinitely remains in responding state when trying to disable a running schedule
• Empty reports are generated in case when archived repository which is included in the data sources list is removed from the SQL Server instance
• Imported system alerts cannot be deleted

Fixes:

• "Error Sequence contains no elements" error is encountered when new auditing instance is added and chosen in the Alert history
• Before-after alerts are not being triggered
• User is not informed that the SQL user is missing "View server state" property when making changes to the table audited for before-after changes
• Unable to apply configuration in case when database objects are filtered with include/exclude property
• User with reader privileges can change his account role
• ApexSQL Audit fails to start in case domain account has been added via Display name instead of account name
• Unable to run ApexSQL Audit UI on domain controller machine when local account is used
• Server-side components fail to start Windows thread if external exception is encountered
• Connectivity alerts are recognized as suspected tampering
• Status windows shows no information in case of reinstall
• SQL Server name including lower case characters is shown in upper case letters in advanced filters reports
• "The proposed new database owner is already a user or aliased in the database" error is encountered when upgrading to the latest application version in a specific case

Changes:

• The logon credentials are no longer mandatory in the SMTP configuration wizard

Enhancements:

• New error handling and send logs functionality
• Improved application installer with a dark theme
• New application icon
• Various filters based on alert details have been added to the alerts history pane
• Alerts can now be copied and exported
• Server-side components on remote instances are now automatically uninstalled when main application uninstall performed
• The SQL script can now be directly tested within the alert wizard
• Filter ‘by state’ has been added to the report preview
• Triggered alerts can now be marked as resolved
• The Primary key column value is now included in the auditing reports when auditing before-after values
• Before-after events can now be filtered by column in the report preview
• Before-after events can now be filtered by before-value and after-value in the report preview
• Bulk-inserts can now be audited for before-after values

Fixes:

• Application crashes when accessing schedules if there is an existing expired schedule
• In case when several SELECT operations are executed and audited consecutively, they get merged into one audited event which is then repeated 3 times
• ALTER database operation is reported as successful even if the execution has failed
• Certificate related operations are not audited
• Server-level DROP operations state is presented as N/A even in cases when operations have been successfully executed
• Server selection changes to the first server in the list when switching to the advanced filter
• Application fails to display notification that server-side components cannot be installed directly to an FCI node via Add server functionality
• The 'SQL Server connectivity monitor’ alert is incorrectly raised during the repository archiving process
• The ‘Disk space’ information is shown as N/A in cases when a disk drive is located on a remote network machine
• Time input for the Scheduler reverts to the default value if custom date is used
• The ‘Internal error -2’ error is encountered if temporary folder location finishes with the ‘\’ symbol
• Before-after triggers can’t be applied when there is already an existing database trigger with defined ‘last’ property
• The ‘At least one action must be selected’ warning message is displayed when creating a new schedule in case when no other schedules are active
• The tooltip in the Auditing agent properties dialog does not match the dark theme
• Several elements are overlapping in the configuration pane in 4k resolution
• Before-after auditing doesn't successfully audit the data when nested CLR triggers exist in cross-referenced tables
• The before-after triggers are not removed on application uninstall in a specific case
• The ‘There is already an object named 'Accounts#Const' in the database’ error is encountered when upgrading from 2107 to 2018 version in a specific case
• Audited event is not captured in case a SQL View from non-audited database executes SELECT on an audited database
• The EXEC events are not audited
• The ‘Provided user name is not recognized as a Windows user or user group’ error is encountered when adding user accounts in case when central repository host name has been changed
• The "Object reference not set to an instance of an object" error is encountered when adding entries to the email recipient list in a specific case
• The email recipient list for an existing alert is not updated when the change is executed via Options dialog
• Saving changes in a report template collapses previously expanded level tree view
• Default template is incorrectly selected after changes are saved on a custom report template
• Previously added local user account is recognized as a domain account in a specific case
• Changes are not remembered for the edited mail recipient in case when only existing information is updated, and no new information is added to the existing recipients
• Changes in the options dialog are rolled back if user switches to another tab in the options
• User is not informed if different application version is being used when connecting via remote GUI
• SQL text is being truncated in the report preview in specific cases
• Status overview does not change the state in case when auditing instance connection is severed
• GUI freezes when updating the configuration for the unresponsive auditing instances
• The alert counter inside the status bar is not following the current history active alerts
• Application does not notify the user if server-side components are not installed on the cluster node when adding active/passive server for auditing

Changes:

• The 'System' alerts can no longer be deleted
• The ‘ApexSQLAuditBeforeAfter’ temporary database is no longer used to temporarily store before-after audited data
• A separate SQL trace is now used for each database audited for before-after changes
• Database triggers created for the purpose of before-after auditing no longer require ‘first’ or ‘last’ triggering property

Enhancements:

• The server-side components can now be automatically installed from within the application GUI when adding SQL Server instances in the domain environment
• The Inactive repository alert has been added to notify when no auditing information has been inserted into the central repository database during a specified time-period
• Application level security has been added. Individual users or groups can now be added to administrator, power user and data reader roles

Fixes:

• The "String or binary data would be truncated" error is encountered when audited batch insert has more than 8000 characters
• Adding a new SQL Server to the before-after configuration via remote client fails in a specific case
• The State column is missing in the Schedules panel
• The “Insufficient privileges” warning message is shown when adding a database for the before-after auditing even though user has administrative privileges in a specific case
• Auditing configuration information is not shown when navigating from the Status tab to the Configure tab
• Part of the batch inserts information is cut-off in the report preview
• Missing information message that the creation of before-after triggers has failed
• Adding servers in the AlwaysOn environment fails when non-default port is used by the listener
• Missing information on the affected SQL Server instance in the Last operation details in application overview
• The "Failed to remove database" error is encountered if database is removed from the before-after auditing in case an auditing configuration has not been previously applied
• Server-side components are not installed on all nodes and replicas when adding clustered servers for auditing
• The “Central repository inactivity” alert remains active even after the issue has been resolved
• The application gets unresponsive when there is a delay while loading the reports
• The number of active alerts in the ribbon always shows zero active alerts
• The "Username and password are incorrect" error is encountered when upgrading to a new version with credentials previously saved by the application
• Missing information on checked objects is missing in the summary, if all objects are manually included
• The “SQL Server connectivity monitor” alert is triggering for the passive node in the cluster
• The Browse for folder button is missing in the Servers properties form
• The Cancel button is missing in the Generating preview pop-up form
• Checkboxes are missing on the group level when objects are grouped in the object filter
• The central repository database is not checked by default in the verify integrity check
• The Alert history grid is missing headers
• The CTRL+C and CTRL+V shortcuts are not working in text fields in the Email recipient list form
• The Update statistics operation is incorrectly displayed as alter table operation in the reports
• The “Server was not added for auditing” error is encountered when servers belonging to the cluster is added for auditing in case when server ping is disabled in the network/domain
• The “Object reference not set to an instance of an object” error is encountered when applying compliance filter to the specific set of databases
• The Alert history grid is not groupable by columns
• The before-after values for the very first operation are not included in the exported report
• The Schedules panel is missing a header for the grid
• Server-level status overview is missing the Operation overview info for the selected SQL Server instance
• The Alert history grid does not include alert name column
• The "Error stopping server" message is shown when trying to stop server when connection to the server is severed
• The schedule summary is not shown in the final step of the schedule creation wizard

Changes:

• The standalone reporting application has been removed

Fixes:

• The Always On primary replica hosted by SQL Server Fail Over Cluster Instance is not recognized when server is added for auditing
• Server-side components are not installed on all nodes and replicas when adding clustered instance for auditing
• Connection to the SQL Server fails while adding server for auditing in Always On environments when custom TCP port is configured for Availability group listener
• Overwriting report templates keeps the last modified settings in the UI reporting pane after changes are saved

Fixes:

• The "Unknown error has occurred " error is encountered when launching standalone instance of the application
• The "error adding database(s)" error is encountered when adding a database for auditing in case specific custom object types are used

Enhancements:

• More intuitive warnings and messages – more than 100 messages and warnings have been updated for better user experience
• Various application and auditing information is now available in the status bar including repository and servers state, disk space, repository size, active alerts and more
• Information on the central instance, disk, RAM is now available in the Status form for virtual machines hosting audited SQL Servers

Fixes:

• The before-after auditing triggers are not created on SQL Server 2017 in specific cases
• The before-after auditing triggers are not created on SQL Server 2008 in a specific case
• It is not possible to apply an auditing filter if at least one server event is not selected first
• Installation wizard is missing information that Windows restart is required after .NET Framework 4.7.1 is installed
• Auditing report changes to advance mode If date/time filter is configured while report is in the simple mode
• The “Sending log files has failed” error is encountered if Send logs command is initiated while the connection to the remotely audited machine is unavailable
• The 'Could not start collecting logs' error is encountered when sending application log files while Outlook is running
• Several buttons are missing from the Resources tab in the main ribbon when “Connection to the central repository” window is initiated
• The ‘The email configuration validation error’ message is encountered when changing UI theme after other options have already been changed in different Options tabs
• Columns dragged away from the preview grid are not unchecked in the Columns list

Changes:

• Checked options/fields are no longer marked with colored ribbon when checked

Enhancements:

• Relative date filter
• Multiple client application instances support
• High DPI and 4K resolution support
• Applied concepts of Visual Language Dictionary for Visual Studio for iconography, imagery, colors, menus, fonts, formatting and other GUI elements
• Auditing configuration for GDPR standard is added
• Out-of-the-box report for GDPR standard is added
• Scheduled reports can now be run on demand

Fixes:

• Filters are not applied to scheduled reports
• Previews are not created if central repository is larger than 50GB
• Multi-select in report preview does not work
• Application performs checks vs before-after database even when before-after auditing is not configured
• Database auditing configurations cannot be implemented in specific case
• All checkboxes are not checked when "Check all" checkbox is used
• The "Error changing configuration. Settings will be reverted" error is encountered when switching from simple to advanced filter if include/exclude objects, logins or application options are configured in the simple filter
• The add database screen shows only server level operations that can be selected but not related to databases
• Remove auditing instance is turned off and needs to be manually started after application update is performed
• The database list and object list forms are empty in a specific case
• Quarantine folder is not automatically cleared when quarantined items are processed
• The application freezes and has to be closed via task manager if the timeout is hit when checking for server-side components on remote instances
• Configured auditing filters disappear from the server list in a specific case
• Generating a report to excel file fails if cell value exceeds 32767 characters
• Application fails to inform the user if the database that is not an actual repository archive is added as a datasource
• The "end time" can be set before "start time" which makes created schedule unusable
• The "Error running report schedules" error is encountered if reports couldn’t be generated before the generation timeout elapses
• The "The system cannot find the file specified" error is encountered if accessing temporary folder that cannot be accessed from the central instance
• The "Value cannot be null. Parameter name: source" error is encountered when Send logs button is used in ApexSQL Audit Reports
• SQL Server 2017 is not shown in the "add server" form if default instance naming is used

Changes:

• New light, blue and dark themes are now available
• The application now requires Microsoft .NET Framework 4.7.1

Enhancements:

• Full support for AlwaysOn Availability Groups
• Reports can now be automatically created via integrated scheduler
• Dedicated before-after values auditing report

Fixes:

• Auditing stops when SQL Server failovers to a different node
• The Total events number from the previous report preview is shown even when there are zero events for the newly created report preview
• Canceling Add server or Add database wizards shows incorrect information that the SQL Server instance is not available and asks for access credentials
• Saving a custom auditing report will automatically open a preview for Default auditing report
• The application is checking connection to the ApexSQLAuditBeforeAfter temporary database even when before-after auditing is not enabled
• The "Unknown -1 error. The endpoint display system does not have available endpoints" error is encountered in a specific case while configuring auditing
• The “The socket connection was aborted” error is encountered when changing the application UI theme when a report preview was previously generated
• Report preview does not include any audited events when the application is upgraded from 2016 version in a specific case
• The “Sequence contains no elements” error is encountered when running reports in reporting application in some cases
• The installation of the central application instance cannot be canceled
• Confirmation message that archiving has been completed is not displayed
• Missing message that provided password was incorrect when adding SQL Server instance for auditing with incorrect password
• The Find option doesn’t find collapsed values in the report summary
• A vertical scrollbar does not exist in the Last operation text area when the operation is larger than the visible area

Enhancements:

• The execution timeout can now be defined when creating the database during the installation process

Fixes:

• ApexSQL Audit service from 2016 version continues to run in parallel with 2017 version service after update to 2017 version in specific case
• Application stops working in case when server-side components are not accessible
• SQL Server located on a different domain which uses the fully qualified name for connection cannot be added for auditing
• The login or application filters will not be applied at the database level auditing if no server level operations are configured
• The temporary files location browser aims at the local central instance folder instead to the remote machine that hosts server-side components
• The Failover Cluster Instance cannot be added for auditing in a specific case

Fixes:

• Clustered servers added for auditing are not listed in the Servers list in Configuration tab
• Application fails to run if FIPS Windows feature is enabled
• The "Index was outside the bounds of the array" error is encountered when verifying central repository database if repository archives have been created in ApexSQL Audit 2017 R2
• Update of existing archives to the latest version fails if 'archive old database' option is checked when upgrading to 2017 R2
• If the same query with identical SQL update is executed multiple times in a row, audited information on before-after auditing will not include event detail in the report preview
• If there is a substantial number of before-after events in the current repository, update to the 2017 version will not complete successfully due to timeout limitations and the process will roll back
• The 'value cannot be null' error is encountered when configuring before-after auditing in specific case
• The 'Agent unresponsive' error is encountered If timeout value is set to 0 in the installation wizard
• The "System.NullReferenceException" error is encountered when clicking on "Advanced" button in Reports tab in a specific case
• Email alerts will not be sent if alert title has multiple rows of text
• The "Column name 'BeforeAfterCrypt' in table ApexSQL.BeforeAfterChange is specified more than once" error is encountered during application update in specific case
• The "There is already an object named 'BeforeAfterChangeView' in the database" error is encountered when upgrading from 2015 to 2017 R2 version
• The "An error occurred while processing request on central instance" error is encountered when adding 2015 archives as data sources in the Options dialog
• If a database different to the repository archive is added as a datasource, all reports will be empty
• Application log file grows in size due to constant error "Error while processing errors from DB: System.Data.SqlClient.SqlException (0x80131904): Could not find stored procedure 'ListLogRecordBatch'." being written in it
• The before-after triggers created by ApexSQL Audit are not removed on application uninstall
• Export to network share does not complete in case CSV format is selected when exporting
• Link to download page does not work in the message displayed on update check
• Report templates are not sorted alphabetically within their respective categories
• When a report is saved, active report preview is cleared
• The "Unhandled exception has occurred in your application..." error is encountered when provided SQL Server name is incorrect during the ApexSQL Audit central instance setup
• The “Filter settings changed” warning is displayed when user opens any option from Compliance form and cancels the profile
• The 'login failed' unauthorized access event is captured if before-after database is not installed on the central instance
• New database created via Archive feature does not retain existing permissions on the initial database
• The "Temporary file location" option is missing 'browse for folder' in add server dialog
• It is not possible to choose which central instance to connect to in report application if there are multiple central instances present in the network/domain
• Text is not wrapped in the Alert summary form
• Frames on forms are not consistent in color
• Scrolling through report preview with mouse goes slower than through all other forms or when using arrow-keys
• Report filters cannot use entries/names with comma
• If remotely audited instance is not connectable, server side components installation fix wizard is started if instance is selected in GUI
• The merge/overwrite prompt is shown when implementing compliance configuration even if there is no existing filter to overwrite
• When compliance template is chosen, all added databases are added automatically

Fixes:

• Before-after values are not shown in the report when reading from database archive
• The 'Could not find a part of the path' error is encountered when exporting reports to a network share drive
• The “The supplied message cannot be sent because the destination is unknown” error is encountered when generating reports to .pdf, .doc and .xls formats in case when "Microsoft.ReportViewer" components are not already present on the system
• The “ApexSQLAuditBeforeAfter” temporary database is not automatically generated when before-after auditing is configured on new SQL Server instances
• Database and server operations filters ignore all other report filters when report preview is created
• First table column is not shown in the report preview when multiple columns are shown in before-after report for delete and insert operations

Enhancements:

• Auditing configuration templates, custom reports, and alert templates can now be exported and imported
• Predefined configuration templates and reports for the following compliance standards: HIPAA, PCI, SOX, CFR 11, Basel II, FERPA, and GLBA
• Alert recipient lists and alerting profiles
• Support for SQL Server 2017 CTP 2
• Before-after data encryption (AES 256)
• Remote auditing instance credentials and temporary folder are now configurable in server configuration pane
• Drop menus have been added to the server and database context menus in the New data sources dialog
• Filter conditions are now available for before-after auditing reports
• Navigation through before-after configuration panel is up to 1,000% faster when more than 100 tables are audited
• Up to 200% faster auditing of SQL queries containing over 20,000 characters
• Adding tables in the before-after auditing panel now shows a progress indicator
• Remote installation on a Windows domain is now available

Fixes:

• Custom value cannot be added in alerts configuration
• Operations for internal events cannot be specified
• Text data is cut in the report preview if the text is larger than the current application window size
• F1 keyboard key doesn’t open help
• Missing check all button in the object filter
• Scrollbar in report preview panel changes in size during the scroll
• Alerts cannot be grouped by severity in alert history
• The Server filter cannot show servers with a backslash character between the machine name and the SQL Server name in the report preview
• The 'Object reference not set to an instance of an object.' error is encountered when making changes to the before-after configuration in a specific case
• The application installer dialogs are not properly displayed on 4K screen resolution
• Alert name in the alert summary is not checked for validity
• The trace filter is applied incorrectly when login and application filters are set per database in the advanced filter causing audited data to not be collected
• The application is no longer activated and stops working on virtual machines after a virtual machine update, configuration change, or power outage
• Advanced filter selected values field is missing in the Object browser dialog
• Comma is used as a separator in advanced filter preventing usage of applications and names which contain comma
• Microsoft account is not automatically recognized in the auditing filters and must be entered manually
• The 'is not' condition cannot be used for operations in reports
• Before-after auditing doesn't start after the configuration until at least one database is added in the simple filter
• Simple filter cannot be applied if unsaved empty condition exists in the advanced filter
• The application cannot detect local SQL Server instances on x86 operating systems
• General overview shows the number of SQL Server cluster nodes as the number of audited instances when a SQL Server failover cluster is audited
• The application components size is incorrect in the installer wizard
• Copying before-after event doesn't copy the event data in report preview
• Add table dialog freezes when loading tables from a database with very large number of objects
• Multiple values cannot be entered for client host condition
• The ”An error occurred while processing request on central instance” error is encountered when creating a custom report with login filter which includes backslash
• The “.NET Framework error occurred during execution of user defined routine or aggregate
• System.Data.SqlClient.SqlException.NET” error is encountered when making changes to the database that is added for before-after auditing in specific cases
• Canceling any warning message during the application installation aborts the installation process
• Node name is used in the reports preview instead of the actual failover cluster name
• Row wrapping doesn't work in the summary panel
• The “Cannot import dll VclStylesinno.dll” error is encountered when the application is uninstalled by a different user from the one who installed it
• The “Cannot resolve the collation conflict” error is encountered when database with SQL_Latin1_General_CP1_CI_AS collation is added for before-after auditing
• Operation ID is shown instead of the operation name when exporting to CSV format
• “The installation of server-side components failed. Cannot open archived database” error is encountered during the application upgrade if the archived database has been moved or deleted
• The application shows object alias instead of object name in reports
• Insert and update statements on temporary tables with table joins are incorrectly shown as operations on the regular tables in the reports
• Before-after auditing doesn't work on case sensitive databases
• The 'Windows local time' cannot be selected in the options dialog reporting tab
• Domain and user name are inverted when installing auditing instances

Changes:

• Complete UI redesign with emphasis on usability
• Central repository database archiving is no longer mandatory on application update
• Web reporting module has been deprecated in favor of the new Reporting application which includes all report related features and can be installed as a separate component which shares report configurations with the central instance

Enhancements:

• Trace event filtering performance increased by up to 30%

Fixes:

• The 'There are no more endpoints available from the endpoint mapper" error is encountered when installing auditing instance on specific failover cluster instance
• User is not informed that CLR has been enabled when before-after auditing is applied to a database
• Application automatically installs ApexSQLAuditBeforeAfter database on audited SQL Server instances where before-after auditing is not applied

Enhancements:

• The application can now filter excluded applications and logins directly on the SQL Server trace level

Fixes:

• The application incorrectly detects the target object when insert and select operations are executed against the temporary table
• The auditing instance cannot process trace files timely when a high-performance machine used allows to SQL Server to process and save trace files in real time
• The backup and restore filters will not audit events if a database is not added for auditing even when it is classified as the server level filter
• The "Failed to collect the trace file: .trc. Trace will be moved to quarantine folder. Error Message: Value cannot be null." error is encountered and application can stop processing the trace files with the valid data
• The advanced "Contain" and "Does not contain" filters expressions are causing the trace file cannot be processed
• Incorrect info is displayed in the archive database dialog indicates that archived database needs to be added as a datasource when creating reports
• The "Are you sure you want to delete..." prompt is missing when deletion of an alert is initiated
• Archived databases are not sorted historically in the verify integrity dialog drop down menu
• Export report drop down menu doesn't open save as dialog, only selects the format
• Saving a custom report clears the current preview
• Adding or removing a column from custom report will clear the report preview
• When previewing report with less pages than a current preview displays, it will show 'no events found' instead of showing the page in the new preview
• Restoring application window back after being minimized, will not restore active warning dialogs
• A non-informative message appears when Invalid activation code is inserted
• UI issues in the Activation and Uninstall windows
• UI issues in the Login(s) window
• The "Unable to generate preview: Sequence contains no matching element" is shown instead of preview box for custom alerts
• The Bin folder and belonging files will not be removed after uninstalling the auditing instance if it is automatically upgraded to the latest version from the central instance

Changes:

• The "Drop database" and "Alter database" events have been moved from the database to server category in simple filter
• Internal events are not selected by default in Common reports anymore
• The following events have been renamed and moved from server to database category in simple filter
  • Create DML trigger -> Create trigger
  • Drop DML trigger -> Drop trigger

Known issues:

• A graphical issue shows several events which have changed categories and were renamed in the simple filter in the current version as unchecked after the upgrade to the 2016 R2 version even though the auditing of those events continues

Enhancements:

• Application now supports alerts logging into Windows Event Log
• Reports can now use multiple data sources simultaneously
• Advanced application status with detail info about central and auditing instances
• CLI for exporting reports to all of supported file formats
• Improved alerts editor with variables highlighting and result preview
• SQL Server 2016 CTP3 support for before-after auditing is added

Fixes:

• The add firewall exception will open the target port completely, instead only for the application
• The Windows taskbar is not shown on hover, when the Auto-hide the taskbar option is checked, and the application is maximized
• Pressing the cancel button in the "remove server" dialog removes that SQL Server instance
• Incorrect auditing instance status and trace collection is shown when application trial expires
• Wrong disk size requirements is displayed in the installation wizard
• CSV export doesn't show the operation name
• CSV export is not showing the same status values as other reports
• The "Object reference not set to an instance of an object." error is encountered when switching between report columns
• The "The system cannot find the file specified" error is encountered when opening already deleted/moved report from application
• Adding or removing a column from the custom report will clear the report preview
• Saving a custom report clears the preview
• Large number of system events related to package loading are stockpiled in file system due to incorrect path to ReceivedPackages folder
• Removing any added auditing instance in GUI, except the first one, will always remove the first one, while GUI will still display the old one
• Message box disappears to the background when Main window loses focus
• The application stop working with warning that activation is expired, while the About windows displays that state is activated as well as the central status tab
• When previewing report with less pages than current preview shows, preview shows 'no events found' instead of showing the page in new preview
• The "Failed to collect the trace file: filename.trc. Trace will be moved to quarantine folder. Error Message: Value cannot be null." error is encountered and application can stop processing the trace files with the valid data
• The instance will be marked as installed in the Add server dialog if previously removed from auditing while it was inaccessible
• The "Index was out of range. Must be non-negative and less than the size of the collection" error is encountered when copying a field in the generated report via CTRL+C
• The "Detect low disk space alert on instance" alert will stop auditing, but will not start auditing again after state is back below the alert threshold
• The SQL Server instance name can be displayed double in the reports drop-down list
• The Edit report source dialog have the field "Name", which doesn't have any purpose
• Once the central instance start loading data into the repository database, after been stopped previously by the alert, it will log as double event that were executed while alert was still active
• The package loading into the repository database will not be started again after condition for the free disc space alert ceased to exists
• The Archiving process takes over 5 minutes for almost empty repository database and after finished the repository might not be archived
• The application can completely stop internal logging randomly
• The report's data source will not be removed from the list without warning after explicit remove is performed, causing the numerous errors in the background
• The low space alert for the auditing instance will be triggered in the background but will not be displayed in the alert history
• The variables cannot be inserted at the beginning of the line
• The CREATE events will be logged in repository without the schema and object or with the wrong schema or object or operation in case when the state of the event is marked as failure
• The CREATE TABLE event can be double logged in the repository database if the state of the event is "failure"
• The data source cannot be removed in the Reports options dialog
• The database list in the Add database dialog of the Simple filter is not sorted in alphabetical order
• The variables in the subject field of the alert wizard cannot be added by selecting them from predefined set of variables
• The variables in the subject field of the alert wizard are not highlighted
• The data integrity alert will be send repeatedly each time when alert checks for integrity, even the new database integrity breach wasn't occurred
• The alert filter is missing the client host condition
• The Row time column in the Verify audit integrity dialog is empty
• The successful UPDATE operation can be marked as failed in the report
• The report might display double update events
• After stopping the instance via the Stop button, audited instance will be stopped but GUI indication will continue to show as running, and the Start button will be remaining disabled which prevents starting the auditing again
• There is no tool tips with description of variables in the alert wizard dialog
• There is no preview for the alert details settings in the basic settings dialog of the alert wizard
• The application allows selecting and adding the single cluster node of the failover cluster even when auditing instances are installed on all nodes and recognized as the part of the same failover cluster
• The application does not validate when adding the failover cluster instance whether the auditing instance exists on all nodes of the same failover cluster
• Every restart of the audited service will cause a new distributed processor to be started which multiply the logging of the same event in the repository
• The DROP LOGIN event is always stored twice in repository database and displayed twice in reports
• The “Prev” and “Next” buttons are missing the < and > signs respectively in all dialogs
• Installation of Auditing instance offers to create a shortcut for application

Changes:

• Before-after auditing is now CLR trigger based
• Before-after auditing reports are now part of the unique reporting system
• The Auto growth value for the repository database is set to 1GB to prevent frequent auto growth and consuming too many resources
• The central repository ‘PRIMARY' datafile size is set to 5GB by default
• The size of the generated trace file is set to 10MB by default

Enhancements:

• Additional filtering has been added on the SQL Server trace level which reduce the number of generated trace files to improve the overall performance and reduce overhead on SQL Server additionally
• Automatic update of auditing instances when the main application is updated

Fixes:

• The GUI based reports preview will display only the first 100 results
• SQL Server configured as failover cluster cannot be properly detected when it’s cluster node is shared across multiple SQL Server instances

Changes:

• The application now logs and stores only highly important system events data in the central repository database, by default

Enhancements:

• Before-after data values auditing is added
• SQL Server 2016 CTP2 instances can be audited and used for the central repository database hosting

Fixes:

• An email is not sent when alert is triggered
• The "installation of server-side components failed. Error upgrading current central repository database." error is encountered when upgrading from the 2014 R5 version
• Available variables that can be used in the Basic settings dialog of the alert wizard are not listed
• The variables in the "Basic settings" dialog of the alert wizard are not highlighted
• The Central repository database tampering alert wizard will not remember user defined "Start check at" time
• The user defined Central repository database tampering alert mail server configuration will be reset after the GUI restart
• The expanded advanced filter selections of the "Server" operator cannot be scrolled up and down
• The 'ERROR: System.ArgumentNullException: Value cannot be null' is encountered when auditing instance is stopped via CLI while the GUI is running
• The "Error generating the report: Object reference not set to an instance of an object" error is encountered when trying to generate the custom report after removing any grid column
• The column will be still displayed in the grid after its removal via the Select columns dialog
• The "Object reference is not set to an instance of an object. Source: ApexSQL.Audit.Gui" error is encountered if some columns are removed from the custom reports and after switching focus from reports to any other tab and then selecting the reports tab again
• The page number displayed in report is incorrect and significantly larger than the real one
• The values cannot be entered by user for the contains/doesn't contain operands in the custom report filter
• The 'An error occurred while processing request on central instance' error is encountered when generating XLS report for more than 100.000 events
• The Object filter in common reports filters by the object and access objects columns, while custom reports object filters only by the objects column
• The 'ApexSql.Comply.Processor.Distributed.Console has stopped working' error is encountered if any of the audited SQL Servers is stopped when application is uninstalled
• The start and stop instance CLI commands will not change the state of the equivalent commands and targeted instances in GUI, making for user impossible to determine which instances are stopped
• Incorrect 'Report is exporting...' message displays when generating report
• There is no indication/information that the report has been exported
• Going back through the installation wizard resets the user defined settings
• The "Getting objects list from the server" process cannot be completed
• Not all report row details will be copied in clipboard using Ctrl-C or the context menu "Copy" command
• Instead of adding only missing columns, all selected columns will be added to the column list in the custom report
• The 'An error occurred during local report processing. The definition of the report '' is invalid. More than one report item in the report has the name ‘OperationHeaderTextBox...’ error is encountered when same column is added to the report grid more than once
• The 'Order by' drop-down list contains all columns including the columns excluded from the report grid
• The application shows "full text" instead of "FULLTEXT" in the Text data
• Adding 'Auditing instance' component for installation in installer will not update/affect installation disk space requirements
• The 'Generate' button is not disabled during the report generation process
• The 'add database' dialog is missing select/deselect all databases option

Changes:

• The "Limit the number of notifications..." checkbox is removed from the system alerts dialogs
• The variable sign "$: is changed to "%" in the "Basic settings" alert wizard dialog

Known limitations:

• Before-after data values auditing is not supported for SQL Server 2016 CTP2

Fixes:

• The selected operator in the advanced filter do not provide option to pick from the existing data from the added SQL Servers
• After upgrading the central instance, the auditing instances will not be upgraded automatically, after adding the SQL Servers hosted by these auditing instances for auditing
• The custom internal and web report display the larger number of events than the "Complete audit trial" report for the same time period selected
• There is no validation in selecting conditions for alert, meaning that if one server was set for alert condition, databases can be added from another server, making the alert prone to errors
• The redesigned original filter is much harder and less convenient for use, if user opt not to use advanced filter
• The Advanced filter allows inserting of the same condition value multiple times
• It is not possible to exclude a single SQL Server from the advanced auditing
• The EXECUTE AS and the REVERT statements cannot be audited by application
• The "Cancel" button in the "Report" options does not work
• The OR operator in expression between the parent and the first child, in the indented group, is always disregarded in favor of AND operator, which results in the wrong expression results
• The application settings history does not display what settings were changed and how
• The "System.ArgumentException: Object must be of type String" error is encountered when a captured SQL statement is too large
• The first child OR operator, in the "Advanced filter" feature, is ignored and the AND operator is used instead
• The "Application filter" option in the "Reports" feature does not work
• The "Loading report data" displays in the bar when trying to preview reports
• The "Warning: This product is not activated. Auditing is stopped" falsely warning message is displayed in web reports even the user is under the valid trial period
• A redundant type column "Schema" in the object browser for the "Schema name" advanced auditing filter condition
• The "About" window wrongly indicates the "Professional version" of the application
• Inconsistency between the "Complete audit trial" and the "Logon activity history" reports, as there is a difference in the data where identical reports should be displayed
• The "All Servers" button does not disable the main menu buttons, if a single server was previously selected
• There is no drop-list menu with available date/time formats
• The application randomly stops working and closes when setting the advanced auditing filter
• The F1 key does not initiate help in any application form
• The "Help" button in the Web reports leads to a wrong page
• The "Exclude" filters can be accessed only by clicking on the "Include" link
• The "ApexSQL Audit has stopped working" error is encountered in the specific cases on an application restart
• The "Generate" button is not disabled during the generation process
• A database is not automatically selected after it is added, so access to the database operations is unavailable in a simple auditing filter
• The "System.Windows.Markup.XamlParseException: Set property 'System.Windows.FrameworkElement.MaxHeight' threw an exception." error is encountered and will prevent GUI to start
• The alert's Server operation filter cannot be set and thus alert cannot be triggered on server level operations
• The Send logs cannot collect the logs from the remote auditing instances
• The application will stop loading and storing in repository packages stored in the file system and will never start to loading them again
• Current active data source central repository database connection can be changed
• After communication blackout between the audited and central instamce or if cental instance stop working, the data stored by auditing instance in the package folder will not be send to central instance after communication is reestablished
• When large reports are exported, they cannot be saved or viewed anymore if it is larger than the available amount of the free RAM memory, which also causing the central instance to stop working
• Application will not collect anything when SELECT INTO query condition is set
• The alerts will not be triggered for the SELECT INTO statement when the SELECT INTO database operation condition is set
• The SELECT filter condition wrongly collects the SELECT INTO statements
• The appplication goes into timeout when veryfuing audit integrity of a database with a large number of events
• The appplication goes into timeout in case of a large number of events when trying to Preview the report
• The "Message of type ApexSql.Comply.Shared messages.CommonReportExportStatusMessage timeouted" errior is encountered when exporting large number of events to CSV format
• The applicaton offers a deleted archive database as a source
• The main application does not access the selected data source
• The web reports can access a selected data source (archive), but only in the preview grid
• The web reports can not export due to missing file

Enhancements:

• Advanced filter for auditing, reports and alerts has been added
• Custom local reports can now be created
• Alerting for instance and SQL Server connectivity has been added
• Alerting based on results of custom SQL scripts has been added
• Alert checking interval is now adjustable
• Data integrity check for archived databases can now be performed

Fixes:

• The application service stops working after some time period and must be started manually
• The installer doesn't validate the central instance host server address and allows installation to continue even with wrongly entered server name
• The user who have access to repository database using db user account, cannot access and use reports after archiving the repository database
• The "Reports" feature doesn't access the repository database via the application service causing that other users cannot create reports unles they ensure acces to the repository database manually
• When editing an alert that have more coditions active, only the "When operation" condition will be displayed as active
• The "Alerts" feature doesn't distinguish the host OS regional settings causing the wrong interpretation of the repository database size due to changed "." and "," functionality, constantly triggering the repository database size alert
• Increasing the number of alerts will proportionally slows down displaying of the Alert reports until it cause the application to stop responding completely
• The "System.ArgumentException: Cannot delete a subkey tree because the subkey does not exist" error is encountered during the upgrade process causing that even old version installed will not work anymore
• The "VerifyCrdIntegrity" CLI command shoud be changed to "VerifyRepositoryIntegrity"
• The "ArchiveCrd" CLI command shoud be changed to "ArchiveRepository"
• There is no text data field in reports
• The "Failed to remove server" message appears when removing the server that is not accessable, even the instance will be removed after the GUI restart
• The application cannot detect when a server cannot be reached and it always displays that all servers are running fine
• The application cannot be activated when a host computer is using non standard regional settings
• The "Failed to remove server" message appears when removing server that is not accessible
• The "Reports" feature displays already redundant and double accessed objects
• The opened dialog cannot be closed by using the escape key

Known issues:

• The "Loading report data" displays in the bar when trying to preview reports
• The Overview occasionaly incorrectly indicates that some instances are unresponsive
• The "Warning: This product is not activated. Auditing is stopped" warning message is falsely displayed in web reports during the trial period

Enhancements:

• Filtering by application and login
• CLI commands for archiving, verifying integrity, starting and stopping an auditing instance

Fixes:

• The "The server cannot handle directory requests" error is encountered when entering domain credentials and validation of the service account throws an exception preventing the installation to complete
• Upgrading of an auditing instance doesn't work
• The application cannot audit the following events: Alter role, Alter server role, Audit login and Audit login failed
• Selecting the data source in the reports option tab doesn't work
• Legacy reports don't work due to an incorrect version of "Microsoft.ReportViewer.ProcessingObjectModel.dll"
• The application counts every SQL Server cluster node as a separate license instead as a single clustered instance license for SQL Server cluster
• The events cannot be collected from the clustered server if a cluster node have "-" in its name

Changes:

• Product name changed to ApexSQL Audit

Enhancements:

• Added SQL Server Failover Cluster support

Fixes:

• The internal reports are hardly readable due to low padding between the rows
• The application installer roll back changes without any info or warning at the end when the .Net Framework 4.5 version isn’t installed
• The application cannot collect the CREATE SERVER ROLE event
• The application cannot collect any backup and DBCC activities
• The Send logs feature doesn't work
• Installer requires the running application to be closed, even the application isn't running
• The Edit alerts dialog displays the blank Operation field
• The Default central repository database size alert do not send emails when the repository database is back to normal size
• The Alerts management tab doesn't show the alert severity for the listed alerts
• The Alerts tab doesn't displays severity icons in the grid

Enhancements:

• The report form now includes the progress indication and notification status for report exporting functionality

Fixes:

• The last common report in the web console list is overlapped by the browser's destination address tooltip
• The application's Overview tab indicates that all servers are running fine, even the server’s status indicates that some SQL instances are unresponsive
• The data operations history report, wrongly contains the text data that indicate the wrong delete vs. insert operation
• The 'The file 'C:\ProgramData\ApexSQL\ApexSQLAudit\Auditing\MSSQLSERVER\LOG\ApexSql.Audit.Service.log' already exists.' error is encountered when trying to upgrade the application with the newer version
• The desktop icon will be deleted after updating application to newer version
• The Database auditing settings' database list is not sorted in an alphabetical order
• The "An error occurred during the processing of updates: Object reference not set to an instance of an object" is encountered when trying to perform an online update
• Pressing the Add servers button will increase the number of servers and databases even when user do not add any new server
• The installer will report that ASP.Net 4.5 isn't installed on Windows Server 2008R2, even it is enabled and running in the Application tools
• The ALTER TABLE statement could be logged as a double event
• Pressing the button "Generate" in the local reports when there is no events to displayed in reports will not have any effects and appears like the button/report doesn't work
• The Reports' time filter utilize the AM/PM format while report grid displays the 24H time format
• The Permission changes per user report doesn't allow events filtering per specified user
• The report filters don't provide an option for user to pick from the drop down lists instead of typing directly in the text boxes
• Object filtering in the Add objects to filter dialog doesn't work
• The logon event state isn't shown in the Logon activity history report
• Exporting the custom reports always wrongly result in two exported files
• The application wrongly interprets security events and displays the wrong data in reports
• The application logs the EXEC events as the unknown operation and thus prevents the event filtering

Known issues:

• The application cannot audit and collect the CLOSE MASER KEY and CLOSE SYMMETRIC KEY events when enclosed in the used defined transaction
• The application cannot audit and collect the CREATE SERVER ROLE event

Enhancements:

• Reports are available in the application GUI now. The previous versions had only Web reports
• An improved operation filter that allows more granular operation selection. Instead of 3 server operation types that existed in earlier versions, 37 server operations are given in the filter now
• Reports are available in the application GUI now. The previous versions had only Web reports
• An improved operation filter that allows more granular operation selection. Instead of 3 server operation types that existed in earlier versions, 37 server operations are given in the filter now
• An improved object filter that allows more granular object selection. Specific objects can be included or excluded from auditing
• Three predefined alerts that are raised when the central repository database size, free disk space on the central or audited instance reach their predefined values
• Data alerts now support more than 100 operation types
• Improved Web report filtering. The same operations that are added to the operation and object filters are added to the Web report filter
• The time needed to show an event after it was executed on SQL Server in the report is reduced up to 3,000%
• New user interface style

Fixes:

• Missing alerts for Login/Logout events
• Missing option to review Login/Logout events in application reports
• The application cannot log the operations on audited database where fully qualified name is used when the connection is set for non-audited database
• The Active traces files occupies large amount of disk space when very high server activity is present due to inability of software to process the data timely
• Internal application events are logged and saved in the application repository database, making noise in the reports
• The alert cannot remember and accept the "is not" condition, and every alert with "is not" condition will be actually saved with "is" condition and will trigger the alert
• The condition which determines when the alert will be triggered changes its state after editing
• The alerts for BACKUP MASTER KEY and BACKUP SERVICE MASTER KEY do not work
• The Apply option doesn't work properly after changes are made in the object or database filter
• The application stops responding when trying to manipulate large number of objects in the Object selection filter
• The Global Overview button doesn't respond after SQL Server instance is stopped
• The Web report cannot display all columns in display resolutions width lower than 1920 pixels
• Mouse right click button checks/unchecks Operations types

Known issues:

• The "Object reference not set to an instance of an object" error is encountered when updating application via automatic on-line update
• The "Error generating report: Invalid column name 'ID'." error is encountered when trying to filter via local report's Object filter field
• The "Error generating report: Object reference not set to an instance of an object." error is encountered when trying to filter via local report's Schema filter field
• The application installer reports that ASP.NET 4.5 isn't installed on Windows Server 2008 R2 and refuses to install Web reports, even when ASP.NET 4.5 is available

Enhancements:

• SQL Server 2014 instances can be audited and used for the central repository database hosting
• Creating and reviewing alerts on specified users and events via the Main GUI and email notifications
• Redesigned reports with improved readability

Fixes:

• The application service doesn't start automatically after the computer restarts
• The "Archiving failed to complete" error is encountered when archiving a large Central repository database
• The "Help" button in the "Resources" tab is opening an incorrect page
• A middle mouse scroll button is not working on the database list in the main application GUI
• The "Archiving failed to complete" error is encountered when using the "Archive" button
• The Web reports require user to type in filter values instead of allowing selecting the information from the dropdown menu or via autocomplete
• The "Audit settings history" report doesn't have a text in the "Text data" field for the "Configuration successfully updated by user" event types
• The "Server name" field is not populated in the reports for the "Package closed" and some other event types
• The "The definition of the report "is invalid" error is encountered when using the "Audit integrity checks" report
• The empty "Text data" row takes too much space in the reports making them less readable
• Various errors occurs when using the "Verify audit integrity" option and the process of verification cannot be completed
• Reports exported to PDF are unreadable
• The "Send logs" options does not work
• Tooltips are missing for audited SQL Server instances
• Moving through the "Operations types" pane by using the arrow keys is not consistent
• The mouse cursor is inconsistent when pointing at the "Load" button in the Web console on the "Custom reports" page
• The Web console interface cannot preserve the page formatting when the browser window is resized
• The ApexSQL Audit setup asks to close a running application before performing the upgrade
• The ApexSQL Audit setup shows the "No component is selected!" error during the upgrade process
• Auditing doesn't work after the application upgrade
• The system event "Trace file close" is logged and displayed in reports even the "Exclude system objects" option is checked
• False information that application will work in the Community mode after the expired trial period
• Once the auditing on SQL Server instances is stopped using the "Stop auditing" button, it starts again after pressing the "Refresh" button
• The application will continue to log the events even after the "Stop auditing" button is pressed
• The "Failed to commit settings to a server" error is displayed when trying to set filters in the main application GUI
• Missing the Hardware ID information in the activation dialog
• The trial extension for the application does not work
• The application logs the internal SQL Server SA user connections without any data
• It takes more than 10 minutes for audited data to be available for reporting via the Web console
• The application cannot audit all transactions when auditing SQL Server with extensive traffic and a lot of transactions are missing in reports
• The application stops showing transactions in the Web console when it has to collect an intensive traffic from the Central and Audited instances on separate machines
• The "System.IO.FileNotFoundException" error is encountered when ApexSQL Audit is started
• The CPU usage raise up to 80 percent when working on a database that is not even set to be audited by the application
• The "State" column in the Web console reports are empty
• An incorrect version of ApexSQL Audit is shown in Windows Control Panel
• An incorrect number of licenses is shown in the "License info" dialog
• Exported reports cannot be removed from the Web console
• The "Invalid object name 'ApexSql.AlertEvent#Const'." error is encountered when verifying the audit integrity
• Statements on SQL Server system objects are reported even if the "Exclude system object" option is selected
• The reports show logged events without information or indication what these events are
• Unchecking all filters in a report results in showing all found events instead of none
• Incorrect alignment of provided export options in the reports
• The "Load" button in the Web console is not properly aligned
• Only one column can be added to the "Display columns" pane in the "Custom reports

Changes:

• New user interface that follows Metro UI style
• Removed the "Audit new databases automatically" option

Enhancements:

• System objects can be excluded from auditing
• Ability to choose whether new databases will be automatically audited or not
• SQL Server instances are added for auditing using the main application GUI
• The License info screen shows how many audited servers are supported by the current license
• A dashboard showing the overall system status is introduced
• Ability to select the folder for trace files and packages during the installation
• Web reports user options and exported reports are stored in the Central repository database for easier migration
• The database objects tree can be expanded and collapsed
• Ability to choose the TCP port during the installation
• Added the new "State" column in Web reports to indicate whether the operation was "success" or "fail"

Fixes:

• If the "Exported reports" tab is selected while using the "Custom reports" tab, the custom report filter is cleared
• The installation process doesn’t warn that required IIS components (the Static Content and Windows Authentication feature) are missing
• Changes on the Date/Time format applied in the "Options" tab do not affect the "Custom reports" tab
• The "An error occurred while trying to replace the existing file: DeleteFile failed; code5. Access is denied." error is encountered when installing the Web reports component on the system where the main application has already been installed
• The "Audit instance is not responding" error is encountered, and a remote SQL Server instance cannot be removed from the main application with the "Audit instance is not removed. Please see error log" error
• The "Exec return zero or less" error is encountered when the installation process is canceled by a user
• If the ApexSQL Audit service is stopped while running data integrity check the application stops working
• All objects are shown in the "Permission changes per user" report, instead of the selected schema object only
• Inconsistent status messages in the notification and status bar after the trial expires
• The "System.ArgumentNullException: Value cannot be null" error is encountered during the installation if no SQL Server instances are installed
• The "Could not find file 'C:\ProgramData\ApexSQL\ApexSQLAudit\ExternalInfo\ExternalInfo.dat" error is encountered during the uninstallation process, and the process must be repeated in order to be completed
• The license activation information is lost after the ApexSQL Audit service is restarted
• The "The value of the Width property for the tablix 'ContentTablix' is "X,X in", which is not a valid size. Valid sizes may not exceed 455 inches" error is encountered in Web reports and auditing reports can't be generated
• The "Schema operations" report shows the same table creation three times in a row
• The SQL Server instance with a failed state cannot be removed using the "Remove instance"
• New SQL Server instance located on a remote machine cannot be added for auditing
• New SQL Server instance located on the same machine as the main application cannot be added for auditing
• The default SQL Server instance cannot be added back for auditing once removed from auditing via the main application GUI
• The "Logon activity history" report shows numerous application's own activities over the central repository database database
• The "Complete audit trial" report shows numerous application's own activities over the central repository database database
• The Web Reports module cannot be uninstalled if it's installed on the same system as the main application
• An incorrect information is provided if the installation process is stopped due to the already existing Central repository database
• Missing the number of total events on the "Daily activity" report
• The "Created users" report shows the event about the "sa" user creation, even it exists since the SQL Server was installed
• Changing data in the tamper proof Central repository database causes the "Verify audit integrity" feature to stop functioning
• After restarting the audited SQL Server instance all databases in the main application GUI are marked as "New"
• The application goes in the "Not Responding" state after updating using the online update feature
• The application is capturing database events, even the database is excluded from auditing
• The "Object reference not set to an instance of an object" error is encountered when trying to install the Auditing instance component
• The additional "Windows authentication" requirement appears if the installation process is restarted, even the user fulfilled all the requirement requests during the first installation attempt
• The installation process cannot automatically detect whether ISS and ASP.NET are installed on the system
• Numerous visual and functional issues fixed in the ApexSQL Audit installation process
• Numerous visual and functional issues fixed in the Web reports component
• Numerous visual and functional issues fixed in the main application GUI

Changes:

• An option is introduced to select multiple objects in the Database objects tree and check/uncheck them
• The "View reports" button in the main application GUI is disabled if the ApexSQL Audit Web reports is not installed
• Only the specified TCP port is added to the Windows Firewall exception list when installing the main application
• The Help page is opened in separate tab/window when Web reports is used
• A notification about data integrity verification completion status is shown after the data integrity verification process is completed
• The application automatically detects if stopped SQL Server instance is started again
• The Web console is now called Web reports
• During the installation, if the appropriate checkbox is selected on the "Provide credentials for ApexSQL Audit service" dialog, the setup can add the selected Windows account to all local SQL Server instances
• A single Windows service is created instead of creating a separate Windows service for each audited SQL Server instance
• Distributed instances are now called Auditing instances
• The Auditing instance component has to be installed directly on the remote machine that hosts the SQL Server instance, prior to adding it for auditing using the main application GUI
• A single setup is used for installing both the main application and Auditing instances

Enhancements:

• The application monitors free disk space, automatically stops auditing/package collecting when free disk space falls below the specified threshold, and resumes when free disk space is above the specified threshold

Fixes:

• When installing ApexSQL Audit distributed instances, the application setup allows a remote SQL Server instance to be selected as the central repository database
• The missing IIS sub-components (Windows Authentication and Static Files) were not reported during the installation process and the Web console installation continues

Enhancements:

• Added support for archiving the Central repository database

Fixes:

• Installation cannot perform upgrade from previous versions
• Automatic update does not work properly using the "Get updates" option
• The "Send logs" option does not include ApexSQL Audit distributed instances log files from other machines
• ApexSQL Audit distributed instances that no longer exists cannot be removed from GUI
• The ApexSQL Audit distributed help shortcut on the Start menu does not work
• The "DENY" operation is missing in parameters for security reports
• Tampering is not reported if the Central repository database was tampered and reverted afterwards to the original state

Changes:

• Activation is required after the 14-day evaluation period
• The Central repository database is renamed from "ApexSqlCrd" to "ApexSQLCrd"
• Newly detected databases are excluded from auditing by default
• The SQL Server hosting ApexSQL Audit central instance can be included/excluded from auditing during installation

Features:

• Audits multiple SQL Server instances and databases
• Audits DDL, DML, queries, execute operations, errors, warnings and security operations
• A centralized auditing repository for all audited SQL Server instances
• A tampering-evident algorithm for data integrity
• 35 built-in reports for complete audit trail, authentication changes, permission changes, etc.
• Custom reports option with a visual filtering system
• Several file formats for exporting generated reports, such as .doc and .pdf
• Supports Microsoft SQL Server 2005, 2008, 2008R2, and 2012 auditing

Known limitations:

• If a central application instance is already installed, the distributed one cannot be installed on a different SQL Server instance of the same machine