Passive security refers to the practice of logging user activity in order to avoid the threat of non-repudiation. This is important, because if an attack is launched by a privileged user, it allows for appropriate disciplinary or even legal action to be taken. SQL Server provides SQL Server Audit to assist with implementing passive security. In this chapter, we will discuss the concepts involved in auditing, before demonstrating how to implement SQL Server Audit, including the creation of custom audit event.