Came across this on the checklist for best practises
Enable security auditing
. Enable security auditing of Sysadmin actions, fixed role membership
changes, all login related activity, and password changes.
. After selecting appropriate auditing options, you should
script the audit, wrap it in a stored procedure,and mark that stored
procedure for AutoStart.
But dont really know how to go about it ? Is this part of Profiler ? And if
so, will it be an overkill to run on a continuous basis on a server that may
be highly transactional ?