I'm working with SQL Server Always On Availability Groups and need to implement auditing for our environment. I have a specific requirement to audit activities on the secondary replicas that are configured as read-only.
Our specific use case is that we have users executing SELECT queries directly against our read-only replicas, and we need to capture these queries in our audit logs for compliance and security monitoring purposes.
My questions are:
Is it possible to set up SQL Server audit specifically on a read-only secondary replica to capture these SELECT operations?
If yes, do I need to configure it separately on the secondary node, or will the audit configuration automatically replicate from the primary?
How would the audit logs be stored and managed for the read-only replica?
Are there any performance implications or best practices I should be aware of when implementing auditing on read-only replicas, especially considering we need to capture potentially high-volume SELECT operations?